When you install the Access Gateway, it should automatically be imported into the Administration Console you specified during installation. If the Access Gateway does not appear in the server list, you need to repair the import.
If the repair option does not correct the problem, the following sections explain what should happen and how you can discover what went wrong. This information can be used to accurately report the problem to NetIQ Support.
If the Access Gateway does not appear in the Administration Console within ten minutes of installing an Access Gateway, complete the following steps:
If a firewall separates the Administration Console and the Access Gateway, make sure the correct ports are opened. See When a Firewall Separates the Administration Console from a Component
in the NetIQ Access Manager 3.2 SP3 Setup Guide.
In the Administration Console, click Devices > Access Gateways.
Wait a few minutes, then click Refresh.
Look for a failed import message.
If the device starts an import but fails to finish, a message similar to the following appears at the bottom of the table:
Server gateway-<name> is currently importing. If it has been several minutes after installation, click repair import to fix it.
Click repair import.
If the device still does not appear or you do not receive a repair import message, continue with Triggering an Import Retry.
If triggering an import retry does not solve the problem, reinstall the device.
If a step in the import process does not complete successfully, the device does not show up in the Access Gateway list. The sections below describe the import process, where to find the log files, and how to use them to determine where the failure occurred so you can accurately report the problem.
The following operations are performed during the import process:
A user specifies the IP address for the Administration Console during installation.
A Java process called “JCC” (Java Communication Channel) detects that the Administration Console IP address/port has changed between its own configuration and the CLI-updated settings.
An import message is sent to Administration Console, notifying it of the IP, port, and ID of the Access Gateway device.
The Administration Console then connects to the Access Gateway device, asking for its configuration and version information. The Access Gateway portion of the import process is now complete.
As a separate asynchronous operation, the Embedded Service Provider (ESP) of the Access Gateway connects and registers itself with the JCC.
When the ESP connects to the JCC, a similar import message is sent to the Administration Console notifying it to import into the system.
The Administration Console connects to the JCC, asking for the ESP configuration and version information. On the Administration Console, an LDIF (Lightweight Directory Interchange Format) file containing the default configuration for the ESP is applied on the local eDirectory configuration store.
The Administration Console then makes a link between the ESP and its configuration.
If the entire process completed properly, the Access Gateway device appears in the list of Access Gateways in the Administration Console.
Various Access Manager components produce log files. You use the following logs on either the Administration Console or the Access Gateway.
Administration Console log:
Linux: /opt/novell/devman/share/logs/app_sc.0.log
Windows Server 2008: \Program Files (x86)\Novell\log\app_sc.0.log
Tomcat Log on the Administration Console:
Linux: /opt/novell/nam/device name/logs/catalina.out
The device name can be idp, mag, sslvpn or adminconsole.
Windows Server 2008: \Program Files (x86)\Novell\Tomcat\logs\stdout.log and \Program Files (x86)\Novell\Tomcat\logs\stderr.log
JCC log on the Access Gateway:
Linux Appliance or Service: /opt/novell/devman/jcc/logs/
Windows Service: \Program Files\Novell\devman\jcc\logs
Go to the directory /opt/novell/devman/jcc/
cd /opt/novell/devman/jcc/
Run the sh conf/reimport_ags.sh jcc script and enter the details against the following prompts:
Choose a local listener IP address [x.x.x.x]:
(Optional) Choose a local NAT IP address [optional]:
Choose Administration Console’s IP address []:
Enter Admin User’s DN [cn=admin,o=novell]:
Enter Admin Password: *****
Wait for a few minutes for the configuration to finish.
Run the sh conf/reimport_ags.sh agm script and enter details against the following prompts:
Do you want to import the device with current configuration or initial configuration after installation (Enter C for current configuration, I for initial configuration).
Enter Admin User’s DN [cn=admin,o=novell]:
Enter Admin password: