1.2 Configuring the Administration Console

1.2.1 Configuring the Default View

Access Manager has two views in the Administration Console. Access Manager 3.2 and its Support Packs used the Roles and Tasks view, with Access Manager the first listed task in the left hand navigation frame. It looks similar to the following:

This view has the following advantages:

  • Other tasks that you occasionally need to manage the configuration datastore are visible.

  • If you are familiar with 3.2, you do not need to learn new ways to navigate to configure options.

Access Manager looks similar to the following:

This view has the following advantages:

  • You can follow a path to a Identity Server cluster configuration or an Access Gateway proxy service with one click. The following image shows the path to the My_Reverse proxy service of the LAG_2 Access Gateway.

  • It can remember where you have been. For example, if you are configuring the Access Gateway and need to check a setting for a Role policy, you can view that setting. If you click the Devices tab, the Administration Console remembers where you were in the Access Gateway configuration. If you click Access Gateways, it resets to that view.

  • With the navigation moved to the top of the page, the wider configuration pages no longer require a scroll bar to see all of the options.

  • Navigation is faster.

When you install or upgrade to Access Manager 3.1 or above and log in to the Administration Console, the default view is set to the Access Manager view.

Changing the View

  1. Locate the Header frame.

  2. Click either the Roles and Tasks view or the Access Manager view .

Setting a Permanent Default View

  1. In the iManager Header frame, click the Preferences view.

  2. In the left navigation frame, click Set Initial View.

  3. Select your preferred view, then click OK.

1.2.2 Changing the Administration Console Session Timeout

The web.xml file for Tomcat specifies how long an Administration Console session can remain inactive before the session times out and the administrator must authenticate again. The default value is 30 minutes.

To change this value:

  1. Change to the Tomcat configuration directory:

    Linux: /opt/novell/nam/adminconsole/conf/web.xml

    Windows Server 2008: \Program Files (x86)\Novell\Tomcat\conf

  2. Open the web.xml file in a text editor and search for the <session-timeout> parameter.

  3. Modify the value and save the file.

  4. Restart Tomcat:

    Linux: /etc/init.d/novell-ac restart OR rcnovell-ac restart

    Windows: net stop Tomcat7 net start Tomcat7

1.2.3 Changing the Password for the Administration Console

The admin of the Administration Console is a user created in the novell container of the configuration store. To change the password:

  1. In the Administration Console, click Users > Modify User.

  2. Click the Object Selector icon.

  3. Browse the novell container and select the name of the admin user, then click OK.

  4. Click Restrictions > Set Password.

  5. Enter a password in the New password text box.

  6. Confirm the password in the Retype new password text box.

  7. Click OK twice.

1.2.4 Changing the Administration Password of the User Store in the Identity Server

Perform the following steps to change the admin password of a user store configured for the Identity Server:

  1. In the Administration Console, click Devices > Identity Servers > IDP-Cluster.

  2. Go to the Local tab and click the existing user store name in the user store’s list.

  3. Enter a password that matches the User Store password in the Admin password text box.

  4. Confirm the password in the Confirm password text box.

  5. Click Apply.

1.2.5 Understanding the Administration Console Conventions

  • The required fields on a configuration page contain an asterisk by the field name.

  • All actions such as delete, stop, and purge, require verification before they are executed.

  • Changes are not applied to a server until you update the server.

  • Sessions are monitored for activity. If your session becomes inactive, you are asked to log in again and unsaved changes are lost.

  • Do not use the browser Back button. If you need to move back, use one of the following:

    • Click the Cancel button.

    • Click a link in the breadcrumb path that is displayed under the menu bar.

    • Use the menu bar to select a location.

  • Right-clicking links in the interface, then selecting to open the link in a new tab or window is not supported.

  • If you are in the Roles and Task view and the left navigation panel is not present in the window or tab, close the session and start a new one.

  • The Administration Console uses a modified version of iManager. The LDAP and PKI plug‐ins are packaged with the Administration Console which are useful for troubleshooting LDAP issues and certificates.

  • The Administration Console uses a modified version of iManager. You cannot use standard iManager features or plug-ins with the Access Manager version of the product.

  • If you access the Administration Console as a protected Access Gateway resource, you cannot configure it for single sign-on. The version of iManager used for the Administration Console is not compatible with either Identity Injection or Form Fill for single sign-on.