Troubleshooting user access to the console

Use the information in this topic to troubleshoot problems that you are having with a user attempting to access the SAN File System console.

Problem

A user was unable to access the SAN File System console from a Web browser.

Investigation

If the user received "access denied" or "unauthorized user" errors
Perform the following steps in order until the problem is resolved:
  1. Attempt to sign on using a user name and password that you know are valid.
    1. If you can sign on using a different user name and password, verify that the "unauthorized" user's user name and password are valid. The user name and password must be created on the Lightweight Directory Access Protocol (LDAP) server.
      • Run the lsadmuser command to list all of the administrative users. If the user is not listed, run the ldapsearch command from the bash shell to determine if the user is defined in the LDAP server (see the help that is available with ldapsearch to learn more about that command). In addition, you can run ldapsearch –help to view information about the ldapsearch command online.
      • Use the documentation that is provided with the LDAP server to verify that the user account was set up correctly with the LDAP server.
    2. Attempt to use this user's user name and password with the other administrative access method. For example, if the user received the error while using the SAN File System console, attempt to sign on to the administrative command-line interface. If the user name and password work with the other administrative access method, suspect a problem with the original administrative access method (the console or the command-line interface).
  2. Verify that the LDAP server is running and that there is no configuration problem between the LDAP server and the administrative agent. Check the administrative log to determine if you are receiving errors about the SAN File System not being able to connect to the LDAP server.

If the user received "page not found" errors
Perform the following steps until the problem is resolved:
  1. Verify that you entered the correct URL for the primary administrative server.
  2. Verify that you can access the engine hosting the primary administrative server.
    1. From a shell prompt, attempt to ping the engine. If you cannot ping the engine, suspect either:
      • An IP network problem
      • A hardware problem on the engine (see the engine documentation)
  3. Verify that the administrative agent is running.

If the user received "administrative agent..." or "CIM agent not found" errors
Perform the following steps in order until the problem is resolved:
  1. Run the ps shell command to verify that the administrative agent is running.
    ps -ef w | grep -i cimom.cimom
    You should see results similar to this:
    root      3822     1  0 07:26 ?        S      0:00 
    /bin/bash /etc/rc.d/init.d/cimom 
    start /usr/tank/admin
    root      4070  3822  0 07:26 ?        S      0:08 
    /opt/IBMJava2-131/jre/bin/exe/java -Xms128m -Xmx256m 
    com.ibm.cimom.CIMOM -RootDir
    root      4087  4070  0 07:26 ?        S      0:00 
    /opt/IBMJava2-131/jre/bin/exe/java -Xms128m -Xmx256m 
    com.ibm.cimom.CIMOM -RootDir
    root      4088  4087  0 07:26 ?        S      0:00 
    /opt/IBMJava2-131/jre/bin/exe/java -Xms128m -Xmx256m 
    com.ibm.cimom.CIMOM -RootDir
    root      4089  4087  0 07:26 ?        S      0:00 
    /opt/IBMJava2-131/jre/bin/exe/java -Xms128m -Xmx256m 
    com.ibm.cimom.CIMOM -RootDir
    root      4090  4087  0 07:26 ?        S      0:00 
    /opt/IBMJava2-131/jre/bin/exe/java -Xms128m -Xmx256m 
    com.ibm.cimom.CIMOM -RootDir
    root      4098  4087  0 07:27 ?        S      0:00 
    /opt/IBMJava2-131/jre/bin/exe/java -Xms128m -Xmx256m 
    com.ibm.cimom.CIMOM -RootDir
    ldap      4099   758  0 07:27 ?        S      0:00 
    /usr/sbin/slapd -u ldap
    root      4100   946  0 07:27 ?        S      0:00 
    /opt/was/java/jre/bin/exe/java 
    -Xbootclasspath/p:/opt/was/java/jre/lib/ext/ibmorb
    root      4101  4087  0 07:27 ?        S      2:11 
    /opt/IBMJava2-131/jre/bin/exe/java -Xms128m -Xmx256m 
    com.ibm.cimom.CIMOM -RootDir
    root      4102  4087  0 07:27 ?        S      0:00 
    /opt/IBMJava2-131/jre/bin/exe/java -Xms128m -Xmx256m 
    com.ibm.cimom.CIMOM -RootDir
  2. If the administrative agent is not running, run the /usr/tank/admin/bin/startCimom command to start the administrative agent. If you have problems starting the administrative agent, view the administrative log (/usr/tank/admin/cimom.log) or /usr/tank/admin/log/stderr.log and attempt to resolve the problems you find.
  3. Verify that the console has been started.
    /opt/was/bin/serverStatus.sh metadata_server
    where metadata_server is the host name of the server that you are trying to access.
    Note: Run the script with no parameters to obtain additional help on using the script.
  4. If the console is not running, run the /usr/tank/admin/bin/startConsole command to start the console. If you have problems starting the console, view the log indicated by the error message and attempt to resolve the problems you find.
  5. If both the administrative agent and console are running, suspect an IP networking problem.

Parent topic: Troubleshooting an administrative server

Related information
Troubleshooting a metadata server

Library | Support | Terms of use | Feedback
(C) Copyright IBM Corporation 2003, 2004. All Rights Reserved.
IBM TotalStorage SAN File System v2.2