Resolve iManager “503″ issue in Netware
Covered OS versions:
- Netware 5, 5.5, 6, 6.5
- Open Enterprise Server (OES) Netware Kernel 6.5
iManager versions:
- iManager 2.5
- iManager 2.6
- iManager 2.7
Issue:
You have installed Netware, and iManager on your server box. Suddenly, when you tried to access iManager from your browser, you’re greeted with the “Error 503: Service Unavailable” notification.
This is related to how Novell LDAP (NLDAP) and Netware’s server certificates, and how iManager authenticates through LDAP via Apache Tomcat. There’s a possibility that the server certificates are corrupted or the changes that took place for the server certificates were not propagated to the services that need them. Yes, Netware does suffer corruption every now and then due to the nature of the file system it currently uses. It still uses FAT/FAT16/FAT32. This could be resolved by moving to OES-Linux kernel instead of using pure Netware or OES-Netware kernel.
Solution:
We will need to stop Tomcat, Apache web server, and Java. We will then need to rebuild our server certificates. After which we will need to restart our services.
Actual Commands:
On the Netware command line, type the following commands:
NETWARE: tc4stop
(Terminate Tomcat. For Tomcat 5.0, use tc5stop instead.)
NETWARE: ap2webdn
(Shutdown the Apache web server.)
NETWARE: java -exit
(Shutdown Java.)
NETWARE: pkidiag
(This will open the PKI wizard for detecting and repairing public key infrastructure in Netware. Follow the menu items namely 4, 5, 6, 0)
NETWARE: tckeygen
(Restore LDAP connectivity for Tomcat.)After a few minutes, start the services.
NETWARE: tomcat
(You may also use /tomcat/5.0/bin/startup start to start Tomcat 5.0.)
NETWARE: ap2webup
(Start up the Apache web server.)
Try opening your iManager again and login (http://ip_of_your_server/nps/iManager.html)
If you found anything erroneous in this tip, feel free to post a comment.
Technorati Tags: Netware, iManager, OES, LDAP, Apache, Tomcat, Novell, Error,503
Site Search Tags: Netware, iManager, OES, LDAP, Apache, Tomcat, Novell, Error, 503
Worked like a charm. Thank you for this info!
Comment by Paul — February 21, 2008 @ 2:15 am
Glad it worked out for you.
Regards!
Comment by hardwyrd — February 24, 2008 @ 10:53 pm
Another update.
Make sure that you have killed all java processes. You can do so by typing “java -killall” then do a “java -exit”. Terminate apache then do the steps for “pkidiag”, “tckeygen”, and fire up tomcat 5 and apache.
Comment by hardwyrd — March 12, 2008 @ 8:33 pm
Latest Update:
If the steps won’t work, Novell TID 10090732
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090732.htm
will be able to help.
Comment by hardwyrd — March 13, 2008 @ 10:26 pm
you’ll need to reexport the CA to syspublicrootcert.der as explained in
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090732.htm
Comment by dan — April 29, 2008 @ 11:00 pm
I have been stuck on this crap for the last month! Your fix has worked like a dream - many, many, many thanks! Thou art truly a genius!
Comment by The Doc — July 1, 2008 @ 7:08 pm
Glad it worked. Thanks or visiting my blog.
Regards!
Comment by hardwyrd — July 3, 2008 @ 10:38 am
Yes, it works ! Thanks a lot.
Comment by Kiro — September 16, 2008 @ 6:27 pm
Thank you so much for this post - it is the most straight forward solution I have found on this subject and I was doing LOTS of searching. The PKIDiag did not find anything wrong, so I just tried the tckeygen without redoing the certificates and that appeared to be the piece that somehow lost connection. Life is good again - thanks so much again!!!
Comment by lgibson — October 22, 2009 @ 11:30 pm