Forum Stats

  • 3,768,721 Users
  • 2,252,841 Discussions
  • 7,874,694 Comments

Discussions

Error while running configMSAS.sh

User_LN41I
User_LN41I Member Posts: 4 Red Ribbon
edited May 11, 2016 4:24AM in Mobile Security Suite

Hi Gurus,
I get an error when i running configMSAS.sh
in ORACLE_HOME/Oracle_OMSAS1/omsas/bin

The error is:

Mobile Security Access Server (MSAS) Configuration:

There were errors in configuring Mobile Security Access Server (MSAS) Instance.


Can you help me?

Thanks

Answers

  • OIM TEAM Tiger-IT
    OIM TEAM Tiger-IT Member Posts: 11 Blue Ribbon
    edited Aug 19, 2015 7:51AM

    Hi,

    I am also getting the same error while trying to configure MSAS in different Middleware Home rather than OMSM Middleware Home. Can anyone say the root cause of the issue and possible resolution?

    Would appreciate any early response.

    Thanks in advance

  • Qasim Tahir
    Qasim Tahir Member Posts: 16
    edited Aug 26, 2015 4:28AM

    Hi,

    I am also facing the same issue while configuring MSAS.

    Error:

    Mobile Security Access Server (MSAS) Configuration:

    There were errors in configuring Mobile Security Access Server (MSAS) Instance.

    Can anyone help how to resolve the issue?

    Thanks in advance

    Regards,

    Qasim

  • Kenheung-Oracle
    Kenheung-Oracle Member Posts: 23 Employee
    edited Aug 26, 2015 12:05PM

    Could you please provide more info?

    Are you running the config script in interactive mode or silent mode? What if you running it in interactive mode? What are the screen outputs when you run it in interactive more? any info in log file?

  • Qasim Tahir
    Qasim Tahir Member Posts: 16
    edited Aug 27, 2015 1:18AM

    Hi Kenheung,

    Thanks for your reply.

    I am using interactive mode for configuration.

    Following are my screen outputs when i run it in interactive mode:

    Mobile Security Access Server (MSAS) Configuration:

    Enter the MSAS Instance Id:msas-instance-1

    Enter the MSAS Instance Root Dir:(Default MSAS Instance Root Dir Is : /home/idm_ext/idm/omsas/instances):/home/idm_ext/idm/omsas/instance_omsas

    Enter the SSL Port Number where MSAS Instance will be running (Please note that by default MSAS will be enabled on SSL Port,if you need to enable the Non-SSL port also , you can do that in the next step.):9001

    Do you want to enable Non-SSL Port (y/n) , default is "n":y

    Enter the Port Number where MSAS Instance will be running:9000

    Enter the Mobile Security Manager (MSM) URL [<protocol>://<host>:<port>]:http://192.168.1.25:14180

    Enter the Username to connect to Mobile Security Manager (MSM):weblogic_idm

    Enter the Password to connect to Mobile Security Manager (MSM):

    Enter the OAM Admin Server Hostname:(Default OAM host is : arc.tap.com):arc.tap.com

    Enter the OAM Admin Server Port:(Default OAM port is : 7001):7001

    Is the connection with the OAuth Managed Server over SSL (y/n) , default is "n":n

    Enter the OAM Admin Username:oamadmin

    Enter the OAM Admin Password:

    Enter the OAuth Managed Server Host:(Default OAuth host is : arc.tap.com):arc.tap.com

    Enter the OAuth Managed Server Port:(Default OAuth port is : 14100):14100

    Enter the OAuth Service Profile Endpoint:(Default OAuth Service Profile Endpoint Is : /oauthservice ):/oauthservice

    Enter the OAM Protected Resource:(Default protected resource URI is : /):/

    Enter the Domain name for which the cookie is to be set:(Default cookie domain is: .tap.com):.tap.com

    Configuring The Instance For MSAS Instance Id - msas-instance-1...

    Configuring the OAM Webgate Instance Id - msas-instance-1...

    [2015-08-12T07:20:33.450+05:00] [security] [WARNING] [] [oracle.security.audit.logger] [host: arc.tap.com] [nwaddr: 192.168.1.25] [tid: 1] [userId: oracle] [ecid: 0000KwVhODtFg4WFLzESOA1Lmepl000001,0] IAU:IAU-6012: Unable to determine the audit log directory. No log directory specified.

    [2015-08-12T07:20:33.556+05:00] [jps] [NOTIFICATION] [] [oracle.jps.config] [host: arc.tap.com] [nwaddr: 192.168.1.25] [tid: 1] [userId: oracle] [ecid: 0000KwVhODtFg4WFLzESOA1Lmepl000001,0] JpsUtil: isAuditDisabled set to true

    [2015-08-12T07:20:33.557+05:00] [jps] [WARNING] [JPS-00223] [oracle.jps.common] [host: arc.tap.com] [nwaddr: 192.168.1.25] [tid: 1] [userId: oracle] [ecid: 0000KwVhODtFg4WFLzESOA1Lmepl000001,0] No audit log directory is set. Cannot perform audit operations for component JPS.

    Using default context in /home/idm_ext/idm/omsas/instance_omsas/msas-instance-1/config/jps-config.xml file for credential store.

    Credential store location : /home/idm_ext/idm/omsas/instance_omsas/msas-instance-1/config

    Credential with map oracle.wsm.security key gms-csf-key stored successfully!

      Credential for map oracle.wsm.security and key gms-csf-key is:

      PasswordCredential

    [2015-08-12T07:20:36.244+05:00] [wsm] [ERROR] [WSM-02381] [oracle.wsm.resources.policymanager] [host: arc.tap.com] [nwaddr: 192.168.1.25] [tid: 1] [userId: oracle] [ecid: 0000KwVhODtFg4WFLzESOA1Lmepl000001,0] Unable to invoke method "getEntity" of class "com.sun.jersey.api.client.ClientResponse" with values "[Ljava.lang.Object;@6f7c4e0".

    There were errors in configuring Mobile Security Access Server (MSAS) Instance.

    What is the possible reason for error and possible resolution?

    Thanks & Regards,

    Qasim

  • OIM TEAM Tiger-IT
    OIM TEAM Tiger-IT Member Posts: 11 Blue Ribbon
    edited Aug 31, 2015 3:28AM

    Hi Kenheung,

    I am running the script in interactive mode and getting the bellow error just after executing the config script and configMSAS.log contains no entry.

    [[email protected] bin]$ sh configMSAS.sh

    zia

    /oracle/omsas/Oracle_OMSAS

    Mobile Security Access Server (MSAS) Configuration:

    There were errors in configuring Mobile Security Access Server (MSAS) Instance.

    Thanks

  • BAZZANI Massimo
    BAZZANI Massimo Member Posts: 2
    edited Nov 11, 2015 9:08AM

    Hi all,

    I have the same problem.

    I installed OMSS v11.1.2.3.0 using the IDMLCM tool with OAM only and an Active Directory as Identity Store.

    I followed the Oracle By Example (OBE) tutorial -->  https://apexapps.oracle.com/pls/apex/f?p=44785:24:1923212618025::NO:24:P24_CONTENT_ID,P24_PREV_PAGE:11595,29

    In particular, I followed the 01_Install and Configure OAM-OMSS Topology using IDM LCM Tool with Active Directory tutorial.

    IDMLCM install all the OMSS components on a single server.

    My installation is under IDM_TOP =  /u01/oracle/idmtopad

    (0) IDMLCM install an MSAS instance "gateway1" under IDM_TOP/config/instances on the first server --> oracleomss.alfalab.priv (see details here after).

    (1) Now I'm installing a new phisical MSAS instance on another server --> oraclemsas.alfalab.priv.

    This because the OAM+PS+MSM server is inside my network and I want the MSAS component in the DMZ.

    I want to link the new phisical instance of MSAS to the same logical instance of MSAS (gateway1).

    (1.a) I installed the MSAS sw on the second server (oraclemsas) under --> /u01/oracle/omsastop.

    (1.b) I edited an MSAS properties file on the second server.

    (see here after for the properties file content).

    (1.c) I run the following command as "oracle" on the second server

    [[email protected] bin]$ ./configMSAS.sh

    -properties /u01/oracle/stage/files/properties_files_for_omsas/config_omsas.properties -debug_file /u01/oracle/stage/files/properties_files_for_omsas/config_omsas.log

    NOTE: I tried different values for some parameters, but the result is always the same.

    (see here after for the script output)

    (0) **************************************************************************************************

    MSAS instance "gateway1" on first server (oracleomss.alfalab.priv)

    ---------------------------------------------------------------------------------------------

    [[email protected] ~]$ ls -la /u01/oracle/idmtopad/config/instances

    total 16

    drwxr-x---. 4 oracle oinstall 4096 Oct 26 13:38 .

    drwxr-xr-x. 9 oracle oinstall 4096 Oct 26 14:24 ..

    drwxr-xr-x. 7 oracle oinstall 4096 Oct 28 14:59 gateway1

    drwx------. 8 oracle oinstall 4096 Oct 26 12:59 ohs1

    [[email protected] ~]$

    (1.a) **************************************************************************************************

    MSAS sw on the second server (oraclemsas.alfalab.priv)

    ------------------------------------------------------------------------------

    [[email protected] bin]$ ls -la /u01/oracle/omsastop/

    total 40

    drwxr-x---. 14 oracle oracle 4096 Nov 10 18:29 .

    drwxr-xr-x.  6 oracle oracle   67 Nov 11 12:31 ..

    drwxr-x---.  3 oracle oracle   20 Nov  9 17:22 asoneofftool

    drwxr-x---.  4 oracle oracle   29 Nov  9 17:25 cfgtoollogs

    drwxr-x---.  8 oracle oracle   91 Nov  9 17:22 common

    drwxrwxr-x.  3 oracle oracle   22 Nov 10 18:29 config

    drwxr-x---.  3 oracle oracle   19 Nov  9 17:22 diagnostics

    drwxr-x---. 10 oracle oracle 4096 Nov  9 17:22 inventory

    drwxr-x---. 30 oracle oracle 8192 Nov  9 17:22 modules

    drwxr-x---.  9 oracle oracle   90 Nov 10 17:07 omsas

    drwxr-x---.  2 oracle oracle 4096 Nov  9 17:22 oneoffpatches

    drwxr-x---. 10 oracle oracle 4096 Nov  9 17:22 OPatch

    -rw-r-----.  1 oracle oracle   57 Nov  9 17:21 oraInst.loc

    drwxr-x---.  6 oracle oracle 4096 Nov  9 17:22 oui

    drwxr-x---. 11 oracle oracle 4096 Nov  9 17:24 .patch_storage

    [[email protected] bin]$

    (1.b) **************************************************************************************************

    MSAS properties file

    ---------------------------------

    /u01/oracle/stage/files/properties_files_for_omsas/config_omsas.properties

    MSM_URL: http://oracleomss.alfalab.priv:14180

    MSM_USER_NAME: [email protected]

    MSM_PASS: Password1

    MSAS_INSTANCE_ID: gateway1

    MSAS_INSTANCE_DIR: /u01/oracle/idmtopad/config/instances

    # MSAS_INSTANCE_PORT: 9001

    MSAS_INSTANCE_SSL_PORT: 9004

    OAM_HOST: oracleomss.alfalab.priv

    OAM_PORT: 7001

    OAM_USER_NAME: [email protected]

    OAM_PASSWORD: Password1

    OAM_PROTECT: /

    OAUTH_PORT: 14100

    OAM_COOKIE_DOMAIN: .alfalab.priv

    OAUTH_SP_ENDPOINT: /oauthservice

    OAUTH_IS_SSL: n

    IS_TWO_WAY_SSL: false

    #

    #

    #KEYSTORE_PATH=<KEYSTORE_PATH>

    #KEYSTORE_PASSWORD=<KEYSTORE_PASSWORD>

    #KEYSTORE_SSL_ALIAS=<KEYSTORE_SSL_ALIAS>

    (1.c) **************************************************************************************************

    configMSAS script output

    ----------------------------------------

    Mobile Security Access Server (MSAS) Configuration:

    Configuring The Instance For MSAS Instance Id - gateway1...

    Configuring the OAM Webgate Instance Id - gateway1...

    [2015-11-11T12:31:58.356+01:00] [security] [WARNING] [] [oracle.security.audit.logger] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L3qKGp44qmWzLwBT8A1MGmSi000001,0] IAU:IAU-6012: Unable to determine the audit log directory. No log directory specified.

    [2015-11-11T12:31:58.414+01:00] [jps] [NOTIFICATION] [] [oracle.jps.config] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L3qKGp44qmWzLwBT8A1MGmSi000001,0] JpsUtil: isAuditDisabled set to true

    [2015-11-11T12:31:58.415+01:00] [jps] [WARNING] [JPS-00223] [oracle.jps.common] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L3qKGp44qmWzLwBT8A1MGmSi000001,0] No audit log directory is set. Cannot perform audit operations for component JPS.

    Using default context in /u01/oracle/idmtopad/config/instances/gateway1/config/jps-config.xml file for credential store.

    Credential store location : /u01/oracle/idmtopad/config/instances/gateway1/config

    Credential with map oracle.wsm.security key gms-csf-key stored successfully!

            Credential for map oracle.wsm.security and key gms-csf-key is:

                    PasswordCredential

    [2015-11-11T12:32:00.186+01:00] [wsm] [ERROR] [WSM-02381] [oracle.wsm.resources.policymanager] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L3qKGp44qmWzLwBT8A1MGmSi000001,0] Unable to invoke method "getEntity" of class "com.sun.jersey.api.client.ClientResponse" with values "[Ljava.lang.Object;@56210655".

    There were errors in configuring Mobile Security Access Server (MSAS) Instance.

    [[email protected] bin]$

  • VishwaK-Oracle
    VishwaK-Oracle Member Posts: 160 Employee
    edited Dec 1, 2015 6:54AM

    Did anyone resolved this issue ? Please share the details.

    I am facing same issue.

  • BAZZANI Massimo
    BAZZANI Massimo Member Posts: 2
    edited Dec 22, 2015 5:21AM

    All,


    we solved the problem. Now we have other issues, but the issue on running configMSAS.sh is solved.


    In respect with the previous contribute on Nov 11, 2015 8:08 AM we changed the installation location of MSAS:


    MW_HOME location: /u01/oracle/omsastopad/
    ORACLE_HOME location: $MW_HOME/msas

    We also created a complete file system architecture to contain all the needed elements to install MSAS:


    - /u01/oracle/oraInventory
    - /u01/oracle/stage/fmwrepo/jdk (with JDK)
    - /u01/oracle/stage/fmwrepo/installers/omsas (with the MSAS zip file)
    - /u01/oracle/stage/etc/custom_commands (with the script to start/stop MSAS)
    - /u01/oracle/stage/files/properties_files_for_omsas/ (with  the MSAS properties & log file)


    All the file system architecture has "oracle" as owner and "oinstall" as group (in our installation).

    Step 1 -- Install MSAS sw on the dedicate server, running "runInstaller" tool

    Step 2 -- Configure MSAS on the MSAS server

    We created the properties file "config_omsas.gatewayDMZ.properties" under /u01/oracle/stage/files/properties_files_for_omsas/


    Pay attention to the following parameters in the properties file:

    MSM_URL=https://omss.alfagroup.it:14181  (omss.alfagroup.it is the hostname of the MSM server, risolved by the DNS or by the /etc/hosts file)
    MSM_USER_NAME=weblogic (is, in our case, the Default Administrator of WebLogic, using the DefaultAuthentication Provider, not an Active Directory user)
    MSM_PASS=Password1 (is the password of the user indicated by MSM_USER_NAME)
    MSAS_INSTANCE_ID=gatewayDMZ
    MSAS_INSTANCE_ROOT_DIR=/u01/oracle/omsastopad/config/instances  (is equal to $MW_HOME/config/instances
    MSAS_INSTANCE_PORT=9001
    MSAS_INSTANCE_SSL_PORT=9002

    Run the following commands as "oracle" user:

    oracle$ cd  /u01/oracle/omsastopad/msas/omsas/bin
    oracle$ ./configMSAS.sh    -properties /u01/oracle/stage/files/properties_files_for_omsas/config_omsas.gatewayDMZ.properties
                               -debug_file /u01/oracle/stage/files/properties_files_for_omsas/config_omsas.gatewayDMZ.log

    We had the following output:

    .....
    .....

    Mobile Security Access Server (MSAS) Configuration:
    Configuring The Instance For MSAS Instance Id - gatewayDMZ...
    Configuring the OAM Webgate Instance Id - gatewayDMZ...

    [2015-12-21T15:44:45.374+01:00] [security] [WARNING] [] [oracle.security.audit.logger] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L74zynj4qmWzLwBT8A1MU11T000001,0] IAU:IAU-6012: Unable to determine the audit log directory. No log directory specified.
    [2015-12-21T15:44:45.434+01:00] [jps] [NOTIFICATION] [] [oracle.jps.config] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L74zynj4qmWzLwBT8A1MU11T000001,0] JpsUtil: isAuditDisabled set to true
    [2015-12-21T15:44:45.434+01:00] [jps] [WARNING] [JPS-00223] [oracle.jps.common] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L74zynj4qmWzLwBT8A1MU11T000001,0] No audit log directory is set. Cannot perform audit operations for component JPS.

    Adding Server Certificate To The Trust Store......:
    CN=omss.alfagroup.it, OU=Fusion Middleware, O=Oracle, L=Redwood Shores, ST=California, C=US
    CN=Oracle Self-signed, OU=Fusion Middleware, O=Oracle, L=Redwood Shores, ST=California, C=US

    Using default context in /u01/oracle/omsastopad/config/instances/gatewayDMZ/config/jps-config.xml file for credential store.
    Credential store location : /u01/oracle/omsastopad/config/instances/gatewayDMZ/config
    Credential with map oracle.wsm.security key gms-csf-key stored successfully!


            Credential for map oracle.wsm.security and key gms-csf-key is:
                    PasswordCredential


    The Instance For MSAS Instance Id - gatewayDMZ Configured Successfully.


    Step 3 -- Configure MSAS on the MSM server

    After, it is necessary to create an MSAS properties file on the MSM server and run the idmConfigTool.sh pointing to this properties file.
    In our case:

    oracle$ /u01/oracle/idmtopad/products/access/iam/idmtools/bin/idmConfigTool.sh
                          -configOMSS mode=OMSAS
                          input_file=/u01/oracle/stage/files/properties_files_for_omss_with_AD/config_omss.gatewayDMZ.properties
                          log_file=/u01/oracle/stage/files/properties_files_for_omss_with_AD/config_omss.properties.gatewayDMZ.log
                          log_level=FINEST

    Output:

    (1/4) Configuring OMSAS Identity Profile                  Success
    (2/4) Configuring OMSAS KeyStore                          Success
    (3/4) Seeding KSS Credentials                             WLS ManagedService is not up running. Fall back to use system properties for configuration.
    Dec 21, 2015 4:07:29 PM oracle.security.audit.Auditor init
    WARNING: IAU:IAU-6012: Unable to determine the audit log directory. No log directory specified.
    Dec 21, 2015 4:07:29 PM oracle.security.jps.util.JpsUtil disableAudit
    INFO: JpsUtil: isAuditDisabled set to true
    Dec 21, 2015 4:07:29 PM oracle.security.jps.internal.audit.AuditServiceImpl validateLogPossible
    WARNING: No audit log directory is set. Cannot perform audit operations for component JPS.
    Success
    (4/4) Configuring Credential Store                        Success
    [[email protected] ~]$


    Step 4 -- Run MSAS on the MSAS server

    oracle$ cd /u01/oracle/stage/etc/custom_commands/
     
    oracle$ ./6-manageOMSAS.sh   start


    Monitor the MSAS startup:

    oracle$ tail -f ./logs/omsas.log

    Wait for the following messages:

    .....
    .....
    [2015-12-21T16:16:55.378+01:00] [idm] [NOTIFICATION] [] [oracle.idm.gateway.grs.grizzly.installer.GrizzlyServer] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L757Dfh4qmWzLwBT8A1MU1V5000001,0] Configured HTTP Port:9001
    [2015-12-21T16:16:55.408+01:00] [idm] [NOTIFICATION] [] [oracle.idm.gateway.grs.grizzly.installer.GrizzlyServer] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L757Dfh4qmWzLwBT8A1MU1V5000001,0] Configured HTTPS port:9002
    …..
    …..

    [2015-12-21T16:16:56.114+01:00] [glassfish] [NOTIFICATION] [] [org.glassfish.grizzly.http.server.HttpServer] [host: oraclemsas.alfalab.priv] [nwaddr: 192.168.110.60] [tid: 1] [userId: oracle] [ecid: 0000L757Dfh4qmWzLwBT8A1MU1V5000001,0]  [HttpServer] Started.

    At the end, check with netstat commaand that MSAS is listening on the configured ports:

    [[email protected] custom_commands]$ netstat -anp | grep 9001
    (Not all processes could be identified, non-owned process info
    will not be shown, you would have to be root to see it all.)
    tcp        0      0 :::9001                     :::*                        LISTEN      9137/java

    [[email protected] custom_commands]$ [[email protected] custom_commands]$ netstat -anp | grep 9002
    (Not all processes could be identified, non-owned process info
    will not be shown, you would have to be root to see it all.)
    tcp        0      0 :::9002                     :::*                        LISTEN      9137/java

  • 2707432
    2707432 Member Posts: 19
    edited May 11, 2016 4:24AM

    Team,

    I am getting error while doing deployment (using LCM) for OIM - OAM - OMSAS at stage 'configure' -

    [2016-05-06T01:01:28.556+02:00] [runIAMDeployment-configure] [ERROR] [] [runIAMDeployment-configure] [tid: 1] [ecid: 0000LI2uPihECSWFLz2VOA1NAw3g000001,0] The following error occurred while executing this line:[[

    /u01/oracle/Middleware/Oracle_IDMLCM/provisioning/provisioning-build/common-misc-build.xml:110: Execution of configMSAS is unsuccessful.

    Any suggestion to fix this issue ?

    ~R