Identity Injection Failures; Identity Injection Problems When Using A Password Management Service; Incorrect Health Status Is Reported - Novell ACCESS MANAGER 3.1 SP2 - ACCESS GATEWAY GUIDE 2010 Manual
Access gateway guide
Hide thumbs
Also See for ACCESS MANAGER 3.1 SP2 - ACCESS GATEWAY GUIDE 2010:
- Manual (374 pages) ,
- User manual (58 pages) ,
- Manual (192 pages)
Table of Contents
Advertisement
These errors indicate that the Embedded Service Provider is down. Every Identity Injection policy
has a policy ID, which is sent to the Access Gateway by the Embedded Service Provider. If the
Embedded Service Provider is down, the Access Gateway does not get the policy ID, and an error is
thrown. Restart the Embedded Service Provider from the Administration Console as follows:
1 In the Administration Console, click Devices > Access Gateways.
2 Select the server, then click Actions.
3 Click Service Provider > Restart Service Provider.
4 Click OK.
7.9.2 Identity Injection Failures
Identity injection might fail while trying to inject authentication headers because of improper policy
configuration or because the Identity Server is not sending values to the Access Gateway.
Check the
Customer Header Injection Failed.
Query String Injection Failed.
Authentication Header Injection Failed
To receive help resolving identity injection failures, send the following information to Novell
Support:
Access Gateway logs. For more information on how to get Access Gateway log files, see
"Access Gateway Appliance Logs" on page
Packet Capture. For more information on how to get packet captures, see
page
232.
7.9.3 Identity Injection Problems When Using a Password
Management Service
If you have configured the Identity Server to use a password management service and you have also
configured resources to use Identity Injection policies that inject the user's password, you need to
enable the following touch file:
/var/novell/.PasswordMgmt
This file causes the Access Gateway to refresh the user's credentials so that they match password
changes. If the file is not enabled and users authenticate and then change their passwords, the Access
Gateway uses the old password in Identity Injection policies.
7.10 Incorrect Health Status Is Reported
The Access Gateway Appliance health is incorrectly reported as green when listener creation fails
and the required port is being used by another service. This is because the service creation status of
the Access Gateway Appliance reflects the status of the open port.
For example, when SSL VPN is installed along with Access Gateway, and port 443 is used by
OpenVPN, the service creation fails if you try to create a service with HTTPS port 443. However,
because the health check is performed on the open port 443, the status is displayed as healthy.
240 Novell Access Manager 3.1 SP2 Access Gateway Guide
/var/log/ics_dyn.log
file for the following error messages:
.
123.
"Packet Capture" on
Advertisement
Chapters
Table of Contents
Troubleshooting
Related Manuals for Novell ACCESS MANAGER 3.1 SP2 - ACCESS GATEWAY GUIDE 2010
Related Products for Novell ACCESS MANAGER 3.1 SP2 - ACCESS GATEWAY GUIDE 2010
- NOVELL ACCESS MANAGER 3.1 SP2 BETA 1 - SCENARIOS 2009
- NOVELL ACCESS MANAGER 3.1 SP1 - AGENT GUIDE
- NOVELL ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER
- NOVELL ACCESS MANAGER 3.1 SP2 - SSL VPN USER GUIDE 2010
- Novell Access Manager 3.1 SP 1
- Novell Access Manager 3.1 SP2 Beta 1
- Novell Access Manager 3.1 SP 2
- NOVELL CLIENT LOGIN EXTENSION 3.7 - ADMINISTRATION
- NOVELL IDENTITY ASSURANCE SOLUTION 3.0.2 - ADMINISTRATION
- NOVELL IDENTITY MANAGER 3.6.1 - STAGING BEST PRACTICES GUIDE 2010
- NOVELL IDENTITY MANAGER 3.6.1 - NULL SERVICE AND LOOPBACK SERVICE DRIVERS
- NOVELL IDENTITY MANAGER 3.6.1 - JOBS GUIDE
- NOVELL IDENTITY MANAGER 3.6.1 - TASK SERVICE DRIVER
- NOVELL IFOLDER 3 - ADMINISTRATION
- NOVELL POLICIES IN IMANAGER 3.6.1 - 06-05-2009
- NOVELL POLICY IN DESIGNER 3.5 - 09-18-2009
Need help?
Do you have a question about the ACCESS MANAGER 3.1 SP2 - ACCESS GATEWAY GUIDE 2010 and is the answer not in the manual?