Environment
Novell Access Management 3 Linux Access Gateway
Novell Access Management 3 Linux Novell Identity Server
Situation
Had a test setup that was working. Administrator wanted to blow the Linux Access Gateway (LAG) device from device manager (deleting the AG device in iManager) and reinstall it from scratch. When the administrator ran the /chroot/lag/opt/novell/lagconfigure.sh file to reimport the LAG, it would reimport into iManager successfully but the health status would show that the LAG was not available - iManager could not communicate with the LAG.
Looking at the catalina.out log files on the IDP server, the administrator saw the following entry:
WARNING: JCC ID is not set in /var/novell/cfgdb/.current/config.xml, cannot continue.
Resolution
The LAG is trying to use the old keystore files that were not removed by deleting the LAG device from iManager. To clean the LAG from the old config, one needs to remove the following files, and then re-importing the device. The files that need to be deleted are:
/chroot/lag/opt/novell/devman/jcc/conf/jcc_devman.keystore
/chroot/lag/opt/novell/devman/jcc/conf/keystore_info.xml
/chroot/lag/opt/novell/devman/jcc/conf/jcc.keystore
/chroot/lag/opt/novell/devman/jcc/certs/esp/
Re-importing LAG using /chroot/lag/opt/novell/bin/lagconfigure.sh after these modifications will allow the import of the LAG to Device Manager.