Environment
Novell Access Manager 3.2 Access Gateway Appliance
Situation
Access Manager 3.1 basic setup configured and working fine with an Administration server, Identity server and Linux Access Gateway (LAG). Users could access protected resources without issues after successfully authenticating. After upgrading the setup to Access Manager 3.2 with the new AG Appliance installed (while installing the AG appliance, administrator gave the hostname with "-" hyphen symbol e.g. app-79), users would get a 100101043 error when hitting the protected resource, without ever seeing the Identity Server login page.
Looking at the contents of the catalina.out file on the Access Gateway appliance, the following error would be reported on accessing the protected resource ESP:
"Error:Unable to complete request at this time. (100101043-7F878BC4D1E72019)"
where 7F878BC4D1E72019 is the device ID, unique to all Access Gateway Appliances
Resolution
Make sure /etc/hosts has an entry for the local hostname.
When this does not exist, the Java API fails to resolve the ESPs metadata at IDP and we get the 100101043 error. Adding hosts entry and restarting the tomcat addresses issue. The product documentation states the need for the host file in the configuration, quick start and troubleshooting sections.