You can enable Identity Server logging to dump more verbose Liberty information to the catalina.out file on both Identity Server and the Embedded Service Provider of Access Gateway.
Click Devices > Identity Servers > Edit > Auditing and Logging.
Select Enabled for File Logging and Echo to Console.
In the Component File Logger Levels section, set Application and Liberty to a debug level.
Click OK, update Identity Server, then update Access Gateway.
After enabling and applying the changes, duplicate the issue to add specific details to the log file for the issue.
If the error is the 100101044 error, look at the log file on the Embedded Service Provider for the error code
If the error is the 100101043 error, look at the log file on Identity Server for the error code.
Check the catalina.out file.
(Conditional) To view the log files from Administration Console, click Auditing > General Logging, then select the file and download it.
(Conditional) To view the log files on the device, change to the /var/opt/novell/nam/logs/idp directory.
Below are a few entries illustrating the most common problems. They are from the catalina.out file of ESP: