Layer7 Privileged Access Management

Expand all | Collapse all

I can not access the admin page Minder Control

Anon Anon09-23-2013 12:58 PM

  • 1.  I can not access the admin page Minder Control

    Posted 09-23-2013 11:05 AM
    Good morning.

    My server is a windows server 2003 and is called servercm, here Minder Control 12.6 installed in Windows. And when I go to: Start> All Programs> Ca> accesss Control> Enterprise Management, open the following URL in your browser: http://servercm:8080/iam/ac, this application does not load.

    It does not work in these cases: When I put 127.0.0.1, or the IP assigned.

    But when I put localhost if it works.

    Why is this?

    Thanks in advance.

    Greetings.

    Sorry for my English.


  • 2.  RE: I can not access the admin page Minder Control

    Posted 09-23-2013 12:11 PM
    Hi


    1) http://servercm:8080/iam/ac >> shouldn't this be HTTPS instead of HTTP ?

    regards,
    Mohammed Mustansir


  • 3.  RE: I can not access the admin page Minder Control

    Posted 09-23-2013 12:28 PM
    Hi,

    If you check the server.log, does it show jboss starting with "program.name: run.bat" and also a line that reads 'sun.java.command: org.jboss.Main -b 0.0.0.0'?

    Are you able to access EM from a remote browser using host name?

    Thanks,
    Gil Figueroa


  • 4.  RE: I can not access the admin page Minder Control

    Posted 09-23-2013 12:55 PM
    i have tried with HTTP then it does not load the page.


  • 5.  RE: I can not access the admin page Minder Control

    Posted 09-23-2013 12:58 PM
    Neither with IP nor HTTPS.


  • 6.  RE: I can not access the admin page Minder Control

    Posted 09-24-2013 05:08 AM
    Hi

    this could be a issue with DNS..., if you are able to use localhost and not the hostname, check if the DNS is working.

    regards,
    Mohammed Mustansir


  • 7.  Re: [CA ControlMinder (Access Control) General Discussion] RE: I can not ac

    Posted 09-24-2013 07:27 AM
    Try this and note the results:

    1) ping servercm

    2) ping ip_of_servercm (not 127.....)

    Questions:

    1) during installation what information related to the server was defined? Name? Ip? Loopback?

    2) any recently change in server configuration? Change of iP, name....?

    3) any firewall or security product on the server?




    Enviado desde mi iPhone
    El 23/09/2013, a las 11:57, "CA Security Global User Community (Distributed)" <CommunityAdmin@communities-mail.ca.com> escribió:

    Neither with IP nor HTTPS.
    Posted by:cedenoaugusto
    --
    CA Communities Message Boards
    101827571
    mb.2254757.101825031@myca-email.ca.com
    https://communities.ca.com


  • 8.  RE: I can not access the admin page Minder Control

    Posted 09-24-2013 10:02 AM
    Hi,

    Did you get a chance to check the jboss server.log? Also, can you access the ENTM UI from a remote machine?

    Thanks,
    Gil Figueroa


  • 9.  RE: I can not access the admin page Minder Control

    Posted 09-24-2013 04:24 PM
    Thanks a lot for your answers.


    ===============================================

    Gilbert:

    I have checked dir_jboss/server/default/server.log
    There are not any entry with this words.

    How can I access the ENTM UI from a remote machine?

    ===============================================

    Mohammed ,how can I check if the DNS is working? Maybe it is the problem, because I have set adress IP manual, because automatic allocation doesn't work.

    ===============================================

    mmarin:

    1) ping servercm.
    Works fine.

    2) ping ip_of_servercm (not 127.....).
    Works fine too.

    3) during installation what information related to the server was defined? Name? Ip? Loopback?
    I think was the name.

    4) any recently change in server configuration? Change of iP, name....?
    The name of server before install was esoftwin09, I had changed the name, and then I installed the CA Control Minder.

    5) any firewall or security product on the server?
    NO.

    ===============================================

    Thanks in advance.

    Regards.

    Sorry for my English.


  • 10.  RE: [CA ControlMinder (Access Control) General Discussion] RE: I can not ac

    Posted 09-24-2013 07:23 PM
    Check the file: C:\Windows\System32\Drivers\etc\hosts.



    Share with us the content.



    From: CA Security Global User Community (Distributed) [mailto:CommunityAdmin@communities-mail.ca.com]
    Sent: Tuesday, September 24, 2013 3:24 PM
    To: mb.2254757.101835516@myca-email.ca.com
    Subject: [CA ControlMinder (Access Control) General Discussion] RE: I can not access the admin page Minder Control



    Thanks a lot for your answers.


    ===============================================

    Gilbert:

    I have checked dir_jboss/server/default/server.log
    There are not any entry with this words.

    How can I access the ENTM UI from a remote machine?

    ===============================================

    Mohammed ,how can I check if the DNS is working? Maybe it is the problem, because I have set adress IP manual, because automatic allocation doesn't work.

    ===============================================

    mmarin:

    1) ping servercm.
    Works fine.

    2) ping ip_of_servercm (not 127.....).
    Works fine too.

    3) during installation what information related to the server was defined? Name? Ip? Loopback?
    I think was the name.

    4) any recently change in server configuration? Change of iP, name....?
    The name of server before install was esoftwin09, I had changed the name, and then I installed the CA Control Minder.

    5) any firewall or security product on the server?
    NO.

    ===============================================

    Thanks in advance.

    Regards.

    Sorry for my English.
    Posted by:cedenoaugusto
    --
    CA Communities Message Boards
    101838056
    mb.2254757.101835516@myca-email.ca.com
    https://communities.ca.com


  • 11.  RE: [CA ControlMinder (Access Control) General Discussion] RE: I can not ac

    Posted 09-25-2013 09:10 AM
      |   view attached
    # Copyright (c) 1993-1999 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host

    127.0.0.1 localhost
    192.168.1.38 esoftsol01

    192.168.1.91 muxzone01
    192.168.1.121
    esoftlnx05


    Thanks.

    Attachment(s)

    txt
    hosts.txt   814B 1 version


  • 12.  RE: [CA ControlMinder (Access Control) General Discussion] RE: I can not ac

    Posted 09-25-2013 09:16 AM
    The IP address that I had set was 192.168.1.4, and it is the same currently.


  • 13.  RE: [CA ControlMinder (Access Control) General Discussion] RE: I can not ac

    Posted 09-25-2013 09:16 AM
    The IP address that I had set was 192.168.1.4, and it is the same currently.


  • 14.  RE: [CA ControlMinder (Access Control) General Discussion] RE: I can not ac

    Posted 09-25-2013 10:21 AM
    Can you add the line for the server…



    IP FQDN Hostname



    Example:



    192.168.10.1 server.domain.com server



    And test again.



    From: CA Security Global User Community (Distributed) [mailto:CommunityAdmin@communities-mail.ca.com]
    Sent: Wednesday, September 25, 2013 8:10 AM
    To: mb.2254757.101840797@myca-email.ca.com
    Subject: RE: [CA ControlMinder (Access Control) General Discussion] RE: I can not ac



    # Copyright (c) 1993-1999 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host

    127.0.0.1 localhost
    192.168.1.38 esoftsol01
    192.168.1.91 muxzone01
    192.168.1.121 esoftlnx05


    Thanks.
    Posted by:cedenoaugusto
    --
    CA Communities Message Boards
    101843337
    mb.2254757.101840797@myca-email.ca.com
    https://communities.ca.com


  • 15.  RE: [CA ControlMinder (Access Control) General Discussion] RE: I can not ac

    Posted 09-25-2013 10:59 AM
    The server works without domain.

    I wrote in hosts file: 192.168.1.4 servercm

    It does not work.

    Thanks.


  • 16.  RE: I can not access the admin page Minder Control

    Posted 10-01-2013 04:02 PM
    Hi Cedenoaugusto,

    It is possible that jboss was not restarted and this is why you don't see the initialization lines in the server.log.

    If you restart jboss, look for lines which reference 18080 to see if these lines give a clue.

    You can check the jboss-4.2.3.GA\server\default\deploy\jboss-web.deployer\server.xml file and look for

    Connector URIEncoding="UTF-8" acceptCount="150" address="${jboss.bind.address}" connectionTimeout="20000" disableUploadTimeout="true" emptySessionPath="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="250" port="18080" protocol="HTTP/1.1" redirectPort="8443"/>

    Also, look at the boot.log in jboss-4.2.3.FA\server\default\log for the jboss bind address used. I believe it should be 0.0.0.0

    As for trying to access the server from a remote server, I mean you can try to use a web browser from another machine to connect to the ENTM. Does this work using IP or host name?

    Thanks,
    Gil Figueroa


  • 17.  RE: I can not access the admin page Minder Control

    Posted 11-13-2013 07:35 PM

    Hi Cedenoaugusto,

    If this was not resolved yet - can you please share with us the below:

    c:\jboss-4.2.3.GA\server\default\conf\accesscontrol.properties
    c:\jboss-4.2.3.GA\server\default\deploy\IdentityMinder.ear\user_console_war\META-INF\ac-environment.properties
    c:\jboss-4.2.3.GA\server\default\deploy\*-ds.xml
     

    Now restart your jboss service, wait 2-3 min and then try to connect to your ENTM and send us the updated:

    c:\jboss-4.2.3.GA\server\default\log\boot.log
    c:\jboss-4.2.3.GA\server\default\log\server.log

    Kind Regards,

    Amit.