Accessing Netware iManager on Apache results in 503 error


Last Wednesday I updated one of my Netware 6.5.7 / Zenworks 7.0.1 servers, and rebooted it to make sure everything came us as expected.  Apache loaded fine, and when I went to http://serverIP, everything worked great.  But when I attempted to access iManager at  http://serverIP/nps/iManager.html, I received a 503 error from Apache.  The same results were observed when accessing the sites through https rather than http.

To fix this problem, I modified instructions posted by Baudizm.  You can find my comments enclosed in [ ]

On the server console I ran:

tc4stop   [stops Tomcat]

ap2webdn  [stops Apache]

java -exit  [stops Java]

pkidiag  [loads PKI diagnostic utility]

authenticate as admin equivalent user

[select pkidiag options] 4 – 5 – 6 – 0

tckeygen  [for LDAP]

tomcat4  [loads tomcat]

Ap2webup  [loads Apache web server]

After performing these steps, iManager loaded with no problem.

Additional Resources

TID 3377845 error 503 returned by applications that use Tomcat, is a good resource for fixing tomcat/tckeygen related problems.

TID 3640106, How to Use PKIDIAG to avoid issues while Installing Netware 6.5 goes into detail on how pkidiag works and how to troubleshoot vertificate problems.

TID 3234091 Tomcat4 does not load, talks about using Tckeygen to fix .keystore problems.

Howto: Upgrade OES iManager 2.5 to iManager 2.6 SP3 (and fix some nici problems as well)


Novell’s iManager hasn’t worked for me since I freshly installed my Novell Open Enterprise Server (OES) SP2 linux server. When I access http://myserversip/nps (or https://10.0.0.26/iManager.html), I’m presented with the iManager login screen, but when I enter my credentials I receive the following error:

Server Error 500

Either the server is overloaded or there was an error in a CGI script

Most articles and posts I read pointed to tomcat as the culprit. iManager 2.5 has had several security issues, so the recommended action is to upgrade to 2.6, which I had planned on doing some day… just not today.

I didn’t find much information regarding upgrading from iManager 2.5 to 2.6 on OES Linux, so I just decided to wing it , and had to perform a lot of trial and error troubleshooting during the process.

This is how I performed the upgrade:

1) From the Novell Download site, download the version of iManager 2.6 appropriate for your operating system (I selected the Linux version for OES). You will have to login to Novell in order to access the files, if you don’t have a Novell account you can get one here.

2) Change to the directory you saved the iManager file download in. Extract the files using the following syntax: (note it is case sensitive)

tar -zxvf iMan_26_linux.tgz

3) change to the directory where the binary file is located using the following syntax:

cd /iManager/installs/linux

4) To being the setup program, type:

./iManagerInstallLinux.bin

(you can get more detailed information on installing iManager 2.6 here)

5) Select 2 to install in English or select your language of choice

6) Press enter several times, then Y to accept the license agreement

7) Press enter to accept all the default installation options. I would only change these if you really know what you’re doing.

8) Sit back and prepare to wait a while. On my brand new Dell PowerEdge 2950 with 4GB of RAM the install took about 20 minutes. After the install has completed, I suggest you reboot, then verify iManager 2.6 is accessible (default login page is https://yourserverip/nps/iManager.html), but it’s your call. I’m glad I tried, because when I tried to authenticate I received the following error:

Unable to initialize JClient: java.lang.Error: Unable to initialize DClient

TID 10100826 explains the problem has to do with NICI, which doesn’t play nice with Tomcat and makes it so you can’t login any more. This TID says to rename the /var/novell/nici/101 directory and restart tomcat to fix this issue, but I don’t have a 101 directory in /var/novell/nici. I thought maybe the 101 was maybe a subdirectory of some other nici directory, so I searched and found the serveer did have the following nici directories:

/var/opt/novell/nici – contained 8 files and 1 folder named ’0′ (thats a zero, not a small o)

/opt/novell/oes-install/nici – directory was empty

/opt/novell/oes_install/nici – only contained a ########.nfk file, which is a license file.

So I went ahead and renamed the /var/opt/novell/nici/0 folder to 0.old and restarted tomcat with the following command:

rctomcat restart

I tried to login to iManager again, and I received the same Jclient error shown above.

TID 10077278 said to edit the environment variable found in the tomcat.sh file, but I couldn’t find a tomcat.sh file on my server (tomcat run just fine, incidently).

I found this post that sets up nici in server rather than client mode. To fix nici, I did:

1) Renamed the /var/opt/novell/nicifk file.

2) Copied my ########.nkf file from /opt/novell/oes_install/nici to the /var/opt/novell directory

3) Renamed my ########.nkf file from step 2 nicifk

4) Assigned the same rights to the new nicifk file that the old nicifk file had, which were -r-xr-xr-x. To do this, I typed:

chmod 555 nicifk

5) From the /var/opt/novell/ directory I tried to regenerate the ’0′ directory by running primenici, but I received the following error:

Initializing NICI… sh: line 1: /var/novell/nici/nicimud: No such file or directory

failed, error -1497

To fix the error -1497, I found this post which talks about creating soft links to nici folders because of an eDirectory 8.8 upgrade (which we don’t use, all servers are still on eDir 8.7.3). To fix this particular nici error, I typed:

ln -sf /var/opt/novell/nici /var/novell/nici

/var/opt/novell/nici/set_server_mode

/var/opt/novell/nici/primenici

and the ’0′ directory was recreated for me! I felt like I was finally getting somewhere!

To restart tomcat, I typed:

rctomcat restart

then tried to login to iManager again, but to my dismay, still experienced the Jclient/Dclient error.

So I rebooted the server and went to get some lunch. When I tried to access iManager again, I received a different error:

NDS Error -626

(Error -626) The object could not be found. It is possible that the object exists, but the server could not communicate with the server holding a copy of the object.

This error sounded like it could be fixed by adding a replica to the OES server, and since I was planning on doing it eventually anyway, I used ConsoleOne to create a read only replica.

I waited for the Current Sync Error condition to change to No Error in C1′s replica information screen, then restarted tomcat. I held my breath as I attempted to login to iManager 2.6 (no SP), and it worked! I rebooted the server once again just to make sure it was really working, and once again I logged in without problems!
**********

Once your iManager has been upgraded from 2.5 to 2.6, we can apply iManager 2.6 SP3, which is the most recent update as of June 27, 2007. Go download iManager Support Pack 3. Once again, you have to login to your Novell account to get this update.

To decompress the support pack, type:

tar -zxvf iman26sp3.tgz

Follow these directions to install iManager SP3. Please note, you need to have this support pack installed to have support for the Internet Explorer 7 and Firefox 2.0 browsers, so for be results, do the installation from IE6 or Firefox 1.5.x.

Don’t forget to restart tomcat after you complete the update to SP3. I suggest restarting the entire server if you can get away with it.

Follow

Get every new post delivered to your Inbox.

Join 32 other followers