The following sections detail common problems you may experience with registering the Administrative UI and the proposed solutions.
Symptom:
I have restarted the Policy Server to which the Administrative UI is registered. When I try to start a task in the Administrative UI, it hangs.
Solution:
Restart the Administrative UI.
Symptom:
I have installed the Administrative UI to an existing WebSphere infrastructure. WebSphere has crashed and the native_stderr log reports an unhandled exception in the IBM Java Garbage Collector.
Solution:
Patch the embedded Java SDK in WebSphere.
Note: For more information, see the IBM Solution.
Symptom:
The Administrative UI is registered to a Policy Server that is unavailable and I am trying to register another Policy Server connection. When I log into the Administrative UI with an administrator that has super user permissions, the Register Policy Server Connection task does not appear.
Solution:
A single user was delegated super user permissions when the connection to the external administrator store was configured. Log into the Administrative UI with this super user account. When a Policy Server connection becomes unavailable, this super user is the only user that can register a Policy Server connection.
Symptom:
The Administrative UI registration fails with an Agent API failure message.
Solution:
The Policy Server is not started. Start the Policy Server using the Policy Server Management Console.
Symptom:
Registering the Administrative UI with a Policy Server fails with a registration record not on file error message.
You can receive this message when:
Solution:
Do one of the following:
If you are registering the Administrative UI for the first–time
XPSRegClient siteminder_administrator[:passphrase] -adminui-setup
Specifies a CA SiteMinder® administrator. If you are installing the Administrative UI as part of:
Note: If you are upgrading from r12.0 SP1 and do not have a super user account, use the smreg utility to create the default CA SiteMinder® administrator (siteminder). For more information about using the smreg utility, see the Policy Server Administration Guide.
Specifies the password for the CA SiteMinder® administrator account.
Limits:
If you are trying to register an additional Policy Server connection
XPSRegClient client_name[:passphrase] -adminui
Identifies the Administrative UI being registered.
Limit: This value must be unique. For example, if you have previously used smui1 to register an Administrative UI, enter smui2.
Specifies the password required to complete the registration of the Administrative UI.
Limits:
Symptom:
I am trying to register an additional Policy Server connection. The registration fails with an invalid registration file error message.
Solution:
Verify that the passphrase you entered is identical to the passphrase you created using XPSRegClient. The value you created must match the value that you enter using the Administrative UI.
If you do not have a passphrase:
XPSRegClient client_name[:passphrase] -adminui
Identifies the Administrative UI being registered.
Limit: This value must be unique. For example, if you have previously used smui1 to register an Administrative UI, enter smui2.
Specifies the password required to complete the registration of the Administrative UI.
Limits:
Symptom:
The Administrative UI registration fails without timing out.
Solution:
Do the following:
name.XPSReg
Specifies the Policy Server installation path
Identifies the client name you specified when using the Administrative UI registration tool (XPSRegClient) to create a client name and passphrase.
If the registration file does not exist, run XPSRegClient to create a client name and passphrase.
Symptom:
I am trying to troubleshoot the Administrative UI registration and cannot find the log file.
Solution:
XPSRegClient creates and saves the log file in policy_server_home\log. The file name is XPSRegClient.date
Specifies the Policy Server installation path.
Specifies the date on which XPSRegClient created the file.
Example: XPSRegClient.2007-12-1.154002
Note: The last six digits are a unique identifier you can use if more than one file is created on the same day.
Symptom:
I cannot complete a search for policy objects. The Administrative UI displays a connection timeout error instead of returning the search results.
Solution:
When you search on many policy objects using the Administrative UI, either or both of the following results can occur:
The latter results in a connection timeout error. Adjusting the Administrative UI Policy Server connection timeout and creating a registry key for the Policy Server tunnel buffer size solves the problem.
To adjust the Policy Server connection timeout:
The Policy Server connection timeout is now increased.
To create a registry key for the tunnel buffer size:
HKLM\SOFTWARE\Wow6432Node\Netegrity\SiteMinder\CurrentVersion\PolicyServer\
Max AdmComm Buffer Size
Note: If the problem persists after the connection timeout and buffer size changes, restart the Administrative UI
Symptom:
I am trying to troubleshoot a deployed Administrative UI instance and cannot find the default application server log file.
Solution:
If you used the stand–alone installation option, the name of the default log file is server.log. This log file is located at administrative_ui_home\CA\SiteMinder\adminui\server\default\log.
Specifies the Administrative UI installation path.
Note: If you installed the Administrative UI to an existing instance of JBoss, WebSphere, or WebLogic, see your vendor–specific documentation for more information about default logging.
Symptom:
I am trying to troubleshoot a deployed Administrative UI instance and the default application server log file does not provide enough information.
Solution:
Use the SiteMinderLog4j properties file to configure CA SiteMinder®-specific logging settings. The file contains comments about configuring the logging settings. The location of the file depends on the installation option that was used to install the Administrative UI.
If you used the stand–alone installation option, the properties file is located at administrative_ui_home\CA\SiteMinder\adminui\server\default\deploy\iam_siteminder.ear\user_console.war\META-INF.
Specifies the Administrative UI installation path.
If you installed the Administrative UI to an existing application server infrastructure, the properties file is located at: deploy\iam_siteminder.ear\user_console.war/META-INF
Specifies where your application server deploys applications.
Note: If you upgraded the Administrative UI to 12.52 SP1, the properties file is located at deploy/IdentityMinder.ear/user_console.war/META-INF.
Copyright © 2014 CA.
All rights reserved.
|
|