7.4 Uninstalling Administration Console

Only the primary version of Administration Console contains the certificate authority. If you uninstall this version, you can no longer use Access Manager for certificate management. You need to promote a secondary console to be the primary console. See Installing Secondary Administration Console in the NetIQ Access Manager 5.0 Administration Guide.

IMPORTANT:If you are uninstalling all Access Manager devices, the primary Administration Console must be the last device you uninstall. The uninstall programs for the other devices contact the primary Administration Console and validate the admin’s credentials before allowing the device to be removed.

Uninstalling Administration Console

  1. Unzip the tar.gz file by using the following command:

    tar -xzvf <filename>

  2. Log in as the root user or equivalent.

  3. At the command prompt of the Access Manager directory, enter the following:

    ./uninstall.sh

    IMPORTANT:If SLES 12 SP4 has the latest patches from SUSE update channel, run the systemctl enable ndsd.service command and then choose option 6.

  4. Specify option 6 to uninstall all products or specify Q to quit without uninstalling.

    You must use option 6 instead of option 1.

  5. After running the./uninstall.sh script, go to Auditing > Troubleshooting > Other Known Device Manager Servers, then remove the entry for this secondary Administration Console from the servers list.

    A log file is created at /tmp/novell_access_manager_uninstall.log.

Removing Administration Console Replicas

Remove any traces of the Administration Console replicas from the configuration datastore:

  1. In Administration Console Dashboard, click <user name> at the top right of the page and thenclick Configure Console.

  2. Click Objects.

  3. In the tree view, click novell.

  4. Delete all objects that reference the failed primary Administration Console. You should find the following types of objects:

    • SAS Service object with the hostname of the failed primary console

    • An object that starts with the last octet of the IP address of the failed primary console

    • DNS AG object with the hostname of the failed primary console

    • DNS IP object with the hostname of the failed primary console

    • SSL CertificateDNS with the hostname of the failed primary console

    • SSL CertificateIP with the hostname of the failed primary console

    • NCP server object

  5. Run the /opt/novell/eDirectory/bin/ndsstat -r command to view the list of available replicas.

  6. If you can still see the replica that you deleted from Other Known Device Manager Servers, then perform the following steps:

    1. Log in to Administration Console as a root user.

    2. Change to the /opt/novell/eDirectory/bin directory.

    3. Run the ndsrepair -P -Ad command.

    4. Select the replica and click View replica ring. Select the name of the replica that is visible and click Remove this server from replica ring.

    5. Specify the DN of the admin user in leading dot notation. For example, .admin.novell.

    6. Specify the password and select I Agree.