iManager 2.0.1 Tips - Feb. 12, 2004
The purpose of this tip is to put up some information on iManager 2.0 in regards to using it with BorderManager 3.8 VPN configuration. A more complete explanation of installing,
configuring and using iManager with BorderManager 3.8 is shown in the Third Edition of my Beginner's Guide to BorderManager 3.x book, from November of 2003. (I might be
writing a VPN book also, as the complexity of BorderManager 3.8 really needs its own book to explain it well).
Updated Jan 30, 2004 with Q3.
Q1. I have installed iManager on my Windows PC, in order to administer BorderManager 3.8 VPN services. I used to use it to access a NetWare server, but it quit working since I changed the
NetWare server private IP address. How can I get it to talk to the server again?
A. iManager 2.0 uses LDAP to communicate to NDS, and the LDAP server IP address is hard-coded in a file. You need to change the IP address in the following file on your PC:
C:\Program Files\Novell\Tomcat\webapps\nps\WEB-INF\PortalServlet.properties
Q2. I have installed NetWare 6.5 with iManager 2.0, in order to administer BorderManager 3.8 VPN services. I used to use it to access itself, and other NetWare servers, but it
quit working since I changed the NetWare 6.5 server private IP address. How can I get it to work again?
A. iManager 2.0 uses LDAP to communicate to NDS, and the LDAP server IP address is hard-coded in a file. You need to change the IP address in the following file on your PC:
<server mapped drive letter>:\tomcat\4\webapps\nps\WEB-INF\ PortalServlet.properties
Q3. I have installed iManager on my Windows PC, in order to administer BorderManager 3.8 VPN services. I can't get it to work, because on some choices I get 'unknown error',
followed by about two pages of java debug information.
A. Check to see if there is a file called njclv2.jar in the lib directory of tomcat:
C:\Program Files\Novell\Tomcat\webapps\nps\WEB-INF\lib
If it is not there, you need to copy it in from somewhere else.
Q4. I want to install iManager 2.0.1 on my NetWare 6.0 server, to administer BorderManager 3.8. What do I need to do?
A. This one gets complicated, and may or may not require all of the following steps. If you have problems, go through each of the following:
- First, iManager 2.0.1 (which is included on the BorderManager 3.8 Companion CD) requires eDirectory 8.7.1. EDir 8.7.1 is also provided on the Companion CD, so install that first. Be sure
to do a full unattended repair after installing it.
- Next, using the STARTX GUI on the NW 6.0 server, go to the Install menu, and point to the iManager 2 installation for NetWare on the Companion CD. You want to install TOMCAT4 and
iManager 2.
- When the iManager installation is completed, you should check that AUTOEXEC.NCF is not loading TOMCAT33 anymore, but is loading TOMCAT4. Comment out any TOMCAT33 load lines, and either
kill the java process for the old Tomcat33 process (or kill all Java processes and restart TOMCAT4), or reboot. Tomcat33 java process (JAVA -SHOW command) will say "org.apache.tomcat.startup.main".
Tomcat4 java process will say "org.apache.catalina.startup.Bootstrap".
- Try accessing iManager usinghttps://x.x.x.x/nps/iManager, where x.x.x.x is the internal address of the NW 6 server. You should get a certificate (accept it), and if very lucky, you will
get a login screen. If so, you are probably done. Otherwise, keep reading.
- Go to SYS:\APACHE\CONF and edit the ADMINSERV.CONF file. Remark out three lines:
# Redirect /iManage/ https://172.16.1.254:2200/eMFrame/iManage.html
# Redirect /iManage https://172.16.1.254:2200/eMFrame/iManage.html
# Include "SYS:/webapps/eMFrame/WEB-INF/eMFrame-apache.conf"
- Also in the ADMINSERV.CONF file, find two lines that have "tomcat/33" in them (JK properties lines), and change "tomcat/33" to "tomcat/4". They should look like the following:
JkWorkersFile "SYS:/tomcat/4/conf/jk/nwworkers.properties"
JkLogFile "SYS:/tomcat/4/logs/mod_jk.log"
- Also in the ADMINSERV.CONF file, go to the end of the file and make sure there is an "include sys:tomcat/4/conf/nps-Apache.conf" statement.
- Go to SYS:\TOMCAT/4\CONF and see if you have a directory called JK with about 8 files in it. If not, copy the JK directory over from the SYS:\TOMCAT\33\CONF directory to the
SYS:\TOMCAT\4\CONF.
- While we are at it, let's fix a potential problem with the Coyote /HTTP webserver built into Tomcat4. Tomcat4 includes a miniwebserver that defaults to listening on port 8080, which can conflict
with the BorderManager HTTP Proxy. Go to the SYS:\TOMCAT\4\CONF directory and edit SERVER.XML with Notepad. Search and replace "8080" with "8081". Stop Tomcat4 (TC4STOP command)
and restart (TOMCAT4 command). Look in the logger screen, and wait... (and wait a bit more, until you finally see a line that includes ajp12 and 0.0.0.0/9010). You should see a line "INFO:
Initializing Coyote HTTP /1.1 on port 8081" if SERVER.XML was correctly edited.
- Stop Apache (NVXADMDN), and restart it (NVXADMUP).
- Stop Tomcat (Kill the java processes as noted in step 3, or kill all java processes with a java -killall command, or use TC4STOP if only Tomcat4 is running). Restart Tomcat4
(TOMCAT4 command). Look at the logger screen and wait until you see "INFO: JK2: ajp13 listening on /0.0.0.0:9010:
- Try https://x.x.x.x/nps/iManager.html, where x.x.x.x is the private IP address of the server. Hopefully after a short delay you will get a login screen where you can log in as admin. If
so, you are probably done. If not, keep reading.
- You may have to configure iManager and NDS using the exteNd director in a browser. This step involves an LDAP login to NDS, and a java process that creates an OU in your tree called Extend
(or Extend-xxx if there is already an Extend directory in there), and a bunch of objects that control how iManager works. I show the process in both my Beginner's Guide to
BorderManager 3.x book, from November of 2003 (or later), and the Lite version of the same book on the BorderManager 3.8 product CD under the Documents\Craig Johnson directory. (The Lite version
is not as up to date as the full version). You start the process by pointing your browser to https://x.x.x.x/nps/servlet/configure. Should you want to reuse/reconfigure an existing pco object
(already have a Extend OU in the tree), you may need a password that is contained in a file mentioned in Q1 or Q2 above, assuming you can find the file on a NetWare or Windows server. I do not find
it particularly a problem to just create a new pco object and another Extend directory if you can't get into the old one. At the end of this procedure, you need to stop and restart Tomcat4 (tc4stop,
and then tomcat4, and then wait a bit). If you STILL can't get into iManager, I'm not sure what else to check at this point, but keep an eye on this tip for updates.
Return to the Main Page