Linux based Access Gateway Service fails after upgrading from 3.1.4 IR1 to 3.2

  • 7008697
  • 05-Jun-2012
  • 06-Jun-2012

Environment

NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 Linux Based Access Gateway Service
Migrating from a working Access Manager 3.1.4 IR1 setup to Access Manager 3.2
NetIQ Access Manager 3.1 setup with Linux based Admin Console and Identity Server, and Linux Access Gateway (LAG)

Situation

Access Manager 3.1.4 Interim Release 1 setup with a Linux based Access Gateway Service (AGS). All protected resources behind the AGS are accessible after the users authenticate to the Identity Server. A move to Access Manager 3.2 was needed, so the Admin Console and Identity Servers were migrated successfully. The 'ag_upgrade.sh' file was then run on the AGS to upgrade it from the 3.1.4 IR1 build to 3.2, but after the message appeared on the Linux console that the AGS was upgraded successfully, the Admin Console reported the AGS in the 'Warning' state. More details were available in the health status of the AGS in the Admin Console:

"The last part of the file rcnovell-apache2.out.pending contains errors. httpd: Syntax error on line 42 of /etc/opt/novell/apache2/conf/httpd.conf: Could not open configuration file /etc/opt/novell/apache2/conf/listen.conf: No such file or directory"


When removing and reassigning the trust relationship between the AGS and the IDP cluster, the status reported in the Admin Console moved to the "Failed" state and would not come back. No users could access the protected resources.

Resolution

Make sure that the path to the listen.conf file is valid by running the following commands at the server console:

1. cd /etc/opt/novell/apache2/conf
2. Delete the files listen.conf and NovellAgSettings.conf:
   # rm listen.conf
   # rm NovellAgSettings.conf
3. Create a symbolic link for listen.conf:
   # ln -s /opt/novell/nam/mag/webapps/agm/WEB-INF/config/apache2/listen.conf listen.conf
4. Create a symbolic link for NovellAgSettings.conf:
   # ln -s /opt/novell/nam/mag/webapps/agm/WEB-INF/config/apache2/NovellAgSettings.conf NovellAgSettings.conf
5. /etc/init.d/novell-mag restart
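
The following check is an added example, not part of the original TID or of NetIQ's tooling. It verifies that both links created in steps 3 and 4 exist, point at the expected files and resolve to something readable. The function name check_ag_links is hypothetical; the default paths are the ones given in the steps above.

```shell
#!/bin/sh
# Added example (not from the TID): verify the two Apache config links
# created by the resolution steps. check_ag_links is a hypothetical name.
# Defaults are the directories named in the resolution steps.
CONF_DIR_DEFAULT=/etc/opt/novell/apache2/conf
SRC_DIR_DEFAULT=/opt/novell/nam/mag/webapps/agm/WEB-INF/config/apache2

# check_ag_links [conf_dir] [src_dir]
# Returns 0 only if both files are symlinks to readable files in src_dir.
check_ag_links() {
    conf_dir=${1:-$CONF_DIR_DEFAULT}
    src_dir=${2:-$SRC_DIR_DEFAULT}
    rc=0
    for f in listen.conf NovellAgSettings.conf; do
        link=$conf_dir/$f
        want=$src_dir/$f
        if [ ! -L "$link" ]; then
            if [ -e "$link" ]; then
                echo "FAIL $link: regular file, not a symlink"
            else
                echo "FAIL $link: missing"
            fi
            rc=1
        elif [ "$(readlink "$link")" != "$want" ]; then
            echo "FAIL $link: points to $(readlink "$link"), expected $want"
            rc=1
        elif [ ! -r "$link" ]; then
            # Dangling link: opening it fails with "No such file or directory"
            echo "FAIL $link: target missing or unreadable"
            rc=1
        else
            echo "OK   $link -> $want"
        fi
    done
    return $rc
}

# Usage before step 5:
#   check_ag_links && /etc/init.d/novell-mag restart
```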

Cause

The listen.conf file, which holds the required TCP listener information, and the corresponding NovellAgSettings.conf file were not available to httpd. Adding the symbolic links made the TCP listener information that httpd needs at startup available, which allowed the services to start correctly.