26.2 Troubleshooting Upgrade

26.2.1 The Access Gateway Throws a 403 Forbidden Page Error for a Resource Protected by a Form Fill Policy

This issue can happen if a Web server returns a form with an HTTP 403 error code. By default, the Access Gateway returns its own custom error pages, which prevents the Form Fill feature from working. To work around this issue, go to Access Gateway > Advanced Options, enter ProxyErrorOverride off, then click OK.

26.2.2 DN Is Added as Provider ID While Installing NMAS SAML Method

While installing the NMAS SAML method in an external user store, DN is added as Provider ID instead of the metadata URL.

To resolve this issue, perform the following steps:

  1. Log in to the Administration Console that has the external user store.

  2. Go to Roles and Tasks > NMAS > NMAS Login Methods > SAML Assertion > Affiliates.

  3. Select the respective Affiliate and change the provider ID to the identity provider metadata URL. For example, https://www.trunk2.com:8443/nidp/idff/metadata.

26.2.3 Troubleshooting a Linux Administration Console Upgrade

Upgrade Hangs

If the upgrade program encounters an error while installing a component or encounters an unexpected condition that requires user input, the installation appears to hang.

  1. View the installation screen and determine which component is being upgraded.

  2. Change to the /tmp/novell_access_gateway directory.

  3. View the log file of the component that is being upgraded.

    Solve the problem described in the log file before continuing with the upgrade.

    For example, if the eDirectory health check fails, the edir log file indicates that the upgrade program is waiting for a response on whether the upgrade should continue. You should abort the upgrade, run ndsrepair to repair the configuration store, then restart the upgrade process.

  4. If the log file of the current component does not contain any errors, use the time stamps of the log files to determine which component just finished its upgrade and check it for errors.

    If you cannot determine which component is causing the problem:

    1. Abort the upgrade.

    2. Enter the following command:

      tail -f /tmp/novell_access_gateway/*

      This command tails all the files created in the specified directory.

    3. Restart the upgrade.
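
The time-stamp check in step 4 can be scripted. The following is an added example, not part of the product documentation: it lists the logs in a directory newest first and reports the most recent one that contains a matching line. The function names and the error pattern are assumptions, because the page does not list the log file names or the message formats.

```shell
#!/bin/sh
# Added example: rank upgrade logs by modification time and count error lines.
# The directory on the page is /tmp/novell_access_gateway.
# ERR_PATTERN is an assumption; adjust it to the messages your logs contain.
ERR_PATTERN="${ERR_PATTERN:-error|fail|abort}"

# Print "<matching-line-count> <file>" for each regular file in $1, newest first.
scan_upgrade_logs() {
    dir="$1"
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 1; }
    # ls -t sorts by modification time, most recent first.
    ls -t "$dir" | while IFS= read -r name; do
        f="$dir/$name"
        [ -f "$f" ] || continue
        # grep -c prints 0 and exits 1 when nothing matches, so ignore the status.
        count=$(grep -E -i -c -- "$ERR_PATTERN" "$f" 2>/dev/null) || true
        printf '%s %s\n' "${count:-0}" "$name"
    done
}

# Name of the most recently modified log with at least one matching line.
latest_failing_log() {
    scan_upgrade_logs "$1" |
        awk '$1 > 0 { print substr($0, index($0, " ") + 1); exit }'
}

# Show the last 20 matching lines, with line numbers, from that log.
show_errors() {
    log=$(latest_failing_log "$1")
    [ -n "$log" ] || { echo "no matching lines in any log under $1"; return 0; }
    echo "== $log =="
    grep -E -i -n -- "$ERR_PATTERN" "$1/$log" | tail -n 20
}

# Run only when a directory is given, for example:
#   sh scan_logs.sh /tmp/novell_access_gateway
if [ "$#" -gt 0 ]; then
    show_errors "$1"
fi
```

A count of 0 for the newest log with a nonzero count for the one before it points at the component that just finished, which is the case step 4 describes.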

Multiple IP Addresses

If your server has multiple IP addresses, you might see the following error message during a Linux Administration Console upgrade:

Failed to load any MDB driver - Error: Could not load driver /usr/lib/mdb/mdbfile.so, error 9 - /usr/lib/mdb/mdbfile.so: cannot open shared object file: No such file or directory

The error occurs when running Novell Audit on servers with more than one IP address. It occurs when the system attempts to upgrade the audit server. Systems with more than one IP address have problems running Novell Audit because the multiple directory database (MDB) driver does not know which IP address to use with eDirectory. You can point Novell Audit to a specific IP address by creating an MDB configuration file.

The required filename and path for the MDB configuration file is as follows:

/etc/mdb.conf

To point Novell Audit to a specific IP address for eDirectory, the MDB configuration file must store the following parameters:

driver=mdbds referral=eDirectory_IP_Address

For example:

driver=mdbds referral=10.10.123.45

You might only have one IP address, but your server might have two network adapters. If you create the /etc/mdb.conf file and specify your IP address, you do not encounter this error message when you upgrade.

Certificate Command Failure

Certificate commands are generated when you upgrade the Administration Console, and you should ensure that they have completed successfully. In the Administration Console, click Security > Command Status.

If a certificate command fails, note the store, then click Auditing > Troubleshooting > Certificates. Select the store, then click Re-push certificates to push the certificates to the store.

26.2.4 Upgrading the Secondary Administration Console Fails with an Error

Upgrade of the secondary Administration Console fails with the following error:

Configuring HTTP service... Failed to configure HTTP service: no referrals err=-634

To work around this issue, run the upgrade script from the secondary Administration Console terminal.

26.2.5 The Administration Console Fails to Start When You Upgrade the Operating System After Upgrading Access Manager

When you upgrade the operating system from SLES 11 SP3 to SLES 12 after upgrading Access Manager from 4.1 or later to 4.1 Service Pack 2, the Administration Console fails to start. This issue occurs because eDirectory services do not start after the upgrade.

To resolve this issue, perform the following steps:

  1. Run ndsconfig upgrade on the SLES 12 server where the Administration Console is upgraded.

    This generates the necessary template files so that eDirectory starts without any issues.

  2. Run ndsmanage startall.

    This starts eDirectory services on the SLES 12 server.