4.2.1 Adding Configurations to a Cluster
Access Manager provides various configuration files with default settings. When you need to make any customization in a file’s default values, you add and modify that file on Advanced File Configurator. Therefore, the Advanced File Configurator lists only modified configuration files.
For modifying a configuration file or folder, you need to add it to the UI first if not added already. You can add a folder in the ZIP or tar.gz format. The name of the folder must be the same as it is specified in . For example, you want to upload a folder to /opt/novell/nam/idp/webapps/nidp/jsp. In this case, ensure that the name of the folder is jsp and the format is ZIP or tar.gz.
You can add files and folders using one of the following approaches based on the requirement:
-
Upload a file or a folder:You can download files from a server by using modify these offline, verify the changes, and then upload it to Advanced File Configurator by using . This approach is useful for making considerable changes.
-
Edit configurations on the server: Fetch a file or folder from a server, modify it online, and add to Advanced File Configurator. This approach is useful for making small changes.
IMPORTANT:
-
For adding a configuration file, at least one cluster of that component must be configured and the server health must be green.
-
Permissions associated with a file or folder are inherited when you add a new file or folder. Access Manager retains permissions of the parent folder while replacing an existing file or folder.
-
When you add a folder, it overwrites the existing folder on the server completely. If you have modified only a few files in the folder and want to retain other files, add the modified files individually to Advanced File Configurator instead of using the folder upload option.
-
server.xml contains the specific keystore password and server address in connectors for each device. While applying changes from this file, IP addresses and keystore passwords available in the server.xml connectors for that device are retained.
Perform the following steps to add a file or a folder to a cluster:
-
In Administration Console Dashboard, click .
-
Select the device-specific tab based on your requirement. For example, if you want to add a file for Access Gateway, select the Access Gateway tab.
-
Click the plus icon (
) and select one of the following options:-
: To make a minor change in a file, you can fetch the file from any device of a cluster and make the required change in > .
-
: To make considerable changes. Such as for JSP customizations, you can fetch a file from a device, download, modify it offline, verify the changes, and then upload it from your local system using this option.
-
: To verify configurations and making offline changes, you can download files from a server.
The following steps are for and options. If you want to download files from a server, see Downloading Files from a Server.
-
-
Specify the following details:
Field
Description
To add a single file, perform the following actions:
-
Select .
-
Select the file in . Access Manager lists the default files.
-
displays the default location for the selected file. Modify the location if required.
To add a folder, perform the following actions:
-
Select .
-
Select the location to add files in . Access Manager lists the default folder locations. You can specify a custom location if the list does not contain the desired location.
For the list of default locations, see Access Manager Configuration Folders.
Select the cluster for which you want to add files. This option does not apply to Administration Console.
Add files or folders by using one of the following approaches based on the option you have selected in Step 3:
-
If you have selected , click and select the required file. If you have selected under , you can upload files only in the ZIP format.
NOTE:Ensure that the size of the file that you are uploading does not exceed 120 MB.
-
If you have selected , select the device from which you want to import the file, and click .
Click File Editor to make the required changes or compare it with the same file from any server of the same or another cluster.
For information about comparing files, see Comparing Configuration Files.
Turn on the toggle if the configuration changes in this file require the service restart to take effect.
-
For Identity Server and Access Gateway: When this option is enabled, you are prompted to perform for the relevant cluster after sending changes to devices. After updating the server, the device-specific service is restarted.
-
For Administration Console: When this option is enabled, after sending changes to devices, Advanced File Configurator displays a message indicating the service restart is required. Restart Administration Console manually by running the following commands:
/etc/init.d/novell-ac restart
Or
systemctl restart novell-ac.service
Turn on the toggle if you do not want to retain this configuration change in the next Access Manager upgrade.
This option helps you identify the files that you need to remove after the upgrade. For example, a temporary code fix. If this is turned on, you must remove this file manually after the upgrade.
Select the type of modification from the list. You can specify the type manually if the list does not contain the required type.
You can later use this information to search for files that are updated for a specific type. For example, you can search for all files for which is Security Setting.
Specify the details of the changes you have made in the file. As you might require to update the configurations many times over the period, you can use these details to track when and what changes were done in the file. You can also use this information as criteria to search for specific files.
-
-
Click .
-
To apply the configurations of this file, continue with Applying Configurations to Devices.