A.9 Troubleshooting a Linux Administration Console Upgrade

A.9.1 After You Upgrade from SLES 9 to SLES 10, Access Manager 3.1 SP2 Fails to Install

If you perform an operating system upgrade rather than a fresh install of the operating system, you need to verify the UID of the D-BUS (messagebus) user on your secondary Administration Consoles. The SLES upgrade creates this user with the same ID as the novlwww user. You need to change this ID before continuing with the upgrade process.

IMPORTANT:If the IDs are the same, Access Manager 3.1 SP2 fails to install.

  1. Access the control center, then click User Management.

  2. Set the filter to System Users.

  3. Select the messagebus (User for D-BUS) user.

  4. Click Edit.

  5. Click the Details tab.

  6. Change the UID to another ID that is unique.

  7. Click Accept.

  8. Click Finish.

  9. To continue the upgrade process, see Section 8.4.1, Upgrading the Linux Administration Console.

A.9.2 Upgrade Hangs

If the upgrade program encounters an error while installing a component or encounters an unexpected condition that requires user input, the installation appears to hang.

  1. View the installation screen and determine which component is being upgraded.

  2. Change to the /tmp/novell_access_gateway directory.

  3. View the log file of the component that is being upgraded.

    Solve the problem described in the log file before continuing with the upgrade.

    For example, if the eDirectory health check fails, the edir log file indicates that the upgrade program is waiting for a response on whether the upgrade should continue. You should abort the upgrade, run ndsrepair to repair the configurations store, then restart with the upgrade process.

  4. If the log file of the current component does not contain any errors, use the time stamps of the log files to determine which component just finished its upgrade and check it for errors.

    If you cannot determine which component is causing the problem:

    1. Abort the upgrade.

    2. Enter the following command:

      tail -f /tmp/novell_access_gateway
      

      This command tails all the files created in the specified directory.

    3. Restart the upgrade.

A.9.3 Multiple IP Addresses

If your server has multiple IP addresses, you might see the following error message during a Linux Administration Console upgrade:

Failed to load any MDB driver - Error: Could not load driver /usr/lib/mdb/mdbfile.so, error 9 - /usr/lib/mdb/mdbfile.so: cannot open shared object file: No such file or directory

The error occurs when running Novell Audit on servers with more than one IP address. It occurs when the system attempts to upgrade the audit server. Systems with more than one IP address have problems running Novell Audit because the multiple directory database (MDB) driver does not know which IP address to use with eDirectory. You can point Novell Audit to a specific IP address by creating an MDB configuration file.

The required filename and path for the MDB configuration file is as follows:

/etc/mdb.conf

To point Novell Audit to a specific IP address for eDirectory, the MDB configuration file must store the following parameters:

driver=mdbds referral=eDirectory_IP_ Address. 

For example:

driver=mdbds referral=10.10.123.45.

You might only have one IP address, but your server might have two network adapters. If you create the /etc/mdb.conf file and specify your IP address, you do not encounter this error message when you upgrade.

A.9.4 Certificate Command Failure

Certificate commands are generated when you upgrade the Administration Console, and you should ensure that they have completed successfully. In the Administration Console, click Security > Command Status.

If a certificate command fails, note the store, then click Auditing > Troubleshooting > Certificates. Select the store, then click Re-push certificates to push the certificates to the store.