The following table lists the issues you might encounter and the suggested actions for working on these issues. If the problem persists, contact your NetIQ representative.
Issue |
Suggested Actions |
---|---|
If the LDAP Server Name specified in the Certificate Subject and the Application Configuration are different, the Identity Applications fails to connect to the Identity Vault after upgrading Identity Manager. |
Java enables endpoint identification on LDAPS connections and thus mandates that the server name that you specify while connecting to the Identity Manager server and the server name returned in the certificate are the same. If the server names are different, perform the following steps:
|
When Identity Applications and Identity Reporting are installed on the same server and you perform configuration changes using the configuration update utility located at <reporting install folder>/bin directory, the Identity Manager Dashboard fails to launch. The following error is reported in catalina.out log file: EboPortalBootServlet [RBPM] +++++WARNING!!!!: This portal application context, IDMProv, does not match the portal.context property set in the PortalService-conf/config.xml file. Only one portal per database is allowed. Data has been loaded using the previous portal context. To correct this you must revert back to the previous portal name of, NoCacheFilter, please consult the documentation. |
For any configuration changes, use the configuration update utility located at /opt/netiq/idm/apps/configupdate/ directory. |
Cannot change the password of a property using the configuration update utility. |
You can change the password of a property, for example com.netiq.rpt.ssl-keystore from the command line by performing the following steps:
|
If Identity Reporting is installed on a standalone server and you launch the Identity Reporting or the IDM DCS URL from the dashboard, then the URL fails to launch. |
Perform the following steps after you launch the Identity Reporting or IDM DCS URL:
In addition to that, navigate to the configupdate.sh.properties file on the server where Identity Applications is installed and add the entry called rpt in the sso_apps parameter and then save the changes. For example, sso_apps=ua,rpt |
If Identity Applications and Identity Reporting are installed on the same server and CEF auditing is enabled for OSP and Identity Applications, then the Reporting component fails to launch. |
Perform the following steps to workaround this issue:
|
If your Identity Applications and Identity Reporting are installed on the same server and you choose the database creation option as Startup, you will notice some exceptions in the log. |
To clear the exceptions, manually restart Tomcat. |
If your existing Identity Applications or Identity Reporting configuration has been configured without ports, and you try to upgrade to Identity Manager, the IP address and ports mentioned under the Authentication and SSO Clients tab in the configuration update utility displays incorrect values. |
Once you upgrade Identity Applications and Identity Reporting, perform the following steps:
|
You want to modify one or more of the following the User Application configuration settings created during installation:
|
Run the configuration utility independent of the installer. Linux: Run the following command from the installation directory (by default, /opt/netiq/idm/apps/configupdate/): ./configupdate.sh |
Starting Tomcat causes the following exception: port 8180 already in use |
Shut down any instances of Tomcat (or other server software) that might already be running. If you reconfigure Tomcat to use a port other than 8180, edit the config settings for the User Application driver. |
When Tomcat starts, the application reports it cannot find trusted certificates. |
Ensure that you start Tomcat by using the JDK specified during the installation of the User Application. |
Cannot log in to the portal admin page. |
Ensure that the User Application Administrator account exists. This account is not the same as your iManager administrator account. |
Cannot create new users even with administrator account. |
The User Application Administrator must be a trustee of the top container and should have Supervisor rights. You can try setting the User Application Administrator’s rights equivalent to the LDAP Administrator’s rights (using iManager). |
Starting application server throws keystore errors. |
Your application server is not using the JDK specified during the installation of the User Application. Use the keytool command to import the certificate file: keytool -import -trustcacerts -alias aliasName -file certFile -keystore ..\lib\security\cacerts -storepass changeit
|
Email notification not sent. |
Run the configupdate utility to check whether you supplied values for the following User Application configuration parameters: Email From and Email Host. Linux: Run the following command from the installation directory (by default, /opt/netiq/idm/apps/configupdate/): ./configupdate.sh |
IG SSO Clients tab is not seen in the configuration update utility |
In the configupdate.sh.properties file, add an entry for ig in the sso_apps parameter and then save the changes. If the sso_apps parameter already contains the Identity Applications and Identity Reporting entries, add the Identity Governance entry to the list. For example, sso_apps=ua,rpt,ig |