30.7 Troubleshooting MobileAccess

30.7.1 Using the Same Mobile Device for Different Users Causes the Expired Session Error

Issue: You have a company iPad or Android tablet. User1 has registered and used the tablet with the company and then left the company. You deregister User1 and then reassign the tablet to User2. After User 2 registers the tablet and tries to access an appmark, they get an error of expired session.

Solution: The user must try the appmark a second time and then they can access the resource. The reason for this is a cookie still exists for User1, who no longer is valid. The second attempt replaces the cookie with a valid cookie for User2.

30.7.2 Simple Authentication with a Pop-up Browser Window Does Not Work for MobileAccess

Issue: You have a web server configured to use simple authentication. Simple authentication requires a pop-up browser window for authentication. The users receives a 401 error.

Solution: Mobile platforms do not support pop-up browser windows. Any web server that requires a simple authentication, using a pop-up browser window, fails in the mobile environment with the internal browser. DO not use pop-up browsers windows for authentication in a MobileAccess environment.(948904)

30.7.3 Users Fail to Authenticate to MobileAccess when Appmarks Are Launched in the Chrome Browser

Issue: If a user sets up a Chrome profile and then tries to use a Google Apps resource configured to use Chrome on MobileAccess, the login fails because Chrome passes the saved profile user name and password to the resource instead of passing the user name and password from MobileAccess. This issue occurs for any Google Apps resource (for example, Gmail or Google Drive) on iOS and Android mobile devices. (Bug 948622)

Solution: Users can remove their Chrome profile to avoid this issue, or you can configure the appropriate Google Apps appmarks in Access Manager so the resources open with Firefox, an internal viewer, or a user-selectable option, instead of Chrome.

30.7.4 Changes to MobileAccess do not Appear in Administration Console

Issue: If you have more than one Administration Console, after you make changes to MobileAccess and save the changes, the changes do not appear in Administration Console.

Solution: Access Manager synchronizes the changes between Administration Consoles and this can take some time. There is a built-in delay so that the changes have time to synchronize between Administration Consoles. If you need a further delay than the built-in delay, you can increase the delay with a Java parameter. The Java parameter is defined in a configuration file on Linux and as a registry key on Windows servers.

This problem occurs when you change the Branding of the User Portal page as well. If you make the change for MobileAccess, you do not need to make additional changes to fix Branding. The solution is the same for both features.

To add the Java parameter:

  1. (Conditional) If you have a Linux server, you must edit the tomcat7.conf file located here /opt/novell/nam/adminconsole/conf/tomcat7.conf.

    1. Open the tomcat7.conf file in a text editor.

    2. Add the following parameter with a delay value that is appropriate for your environment:

      JAVA_OPTS="${JAVA_OPTS} -DAMSrvDoorBellDelay=10000"

      The value is in milliseconds. This example increases the delay to 10 seconds.

    3. Save and close the tomcat7.conf file.

    4. Restart Tomcat to have the parameter take effect.

       /etc/init.d/novell-ac restart
  2. (Conditional) If you have a Windows server, you must add a registry key.

    1. Launch the Registry Editor as an administrator, by clicking Start > Run, then enter regedit.

    2. In the left pane of the Registry Editor, navigate to My Computer > HKEY_LOCAL_MACHINE >SOFTWARE > Wow6432Node > Apache Software Foundation > Procurn2.0 > Tomcat7 > Parameters > Java.

    3. Double-click Options in the right pane of the Registry Editor.

    4. Add the following key with the delay value that is appropriate for your environment:

      -DAMSrvDoorBellDelay=10000"

      The value is in milliseconds. This example increases the delay to 10 seconds.

    5. Close the Registry Editor.

    6. Restart Tomcat by using the following commands:

      net stop Tomcat7
      net start Tomcat7