Known issues if the UI won't launch:
- No special characters are allowed in the password. Characters like "?%+" are not allowed.
- Verify whether all required services are running. For the console to successfully launch (read: you'll see a UI prompt), we need these Linux daemons to run: Tomcat, Postgres, and Apache. This article adresses how you can determin if these Daemons are running.
- If the Postgres service is not running, verify if there are any disk space issues- see the section below for how to do this.
- You can also use the "monitoring db reset force" followed by reload of director. This will reinitialize the database. For details on how to use the CLI, see 000014637
- Correct browser interaction with Tomcat.
- TIP: Starting with SGME 184.108.40.206 you can access the web gui by pointing your browser to port 8082. Once authenticated, Director downloads the correct Director Manager Client (JAVA client) to your workstation, and launches it. Prior to this version, you need to download, and install the correct DMC to your Windows workstation.
A: Checking that the Tomcat, Postgres, and Apache services are running:
To determine if these services are running you will need to use SSH to login to Director. Director is based on the popular open source operating system Linux and consequently runs most Linux commands. One such command that allows you to check a status on a demon is the command "ps - aux." Running this command, you should see an output, simliar to those below, if the three services are running properly. If you don't see them in the list, they are not running.
To login, using SSH, follow these steps.
Open a SSH session to to the Director box. .
- Enter the enable mode by following the steps.
- director > enable
- director #
- Enter the configuration mode, by following these steps.
- director # config t
- director (config) #
- Enter the shell command.
- director (config) # "shell."
- Here you have access to most LINUX commands.
- At the prompt., enter the "ps aux" command
The below screenshot shows what the output would looklike for the Postgres, and Apache daemons.
To narrow down your searches, use this syntax.
- For Apache, use "ps aux | grep httpd "
- For Postgres, use "ps aux |grep postmaster"
The bellow screenshot is the output from a "ps aux" command looking for the Tomcat daemon.
- To narrow down your search, you can use the "ps aux |grep tomcat" command
Finding the process IDs.
Often, to check on the status of a daemon in Linux, you need to find the process ID. To find a process ID you use the pgrep command. For more information on the pgrep command, see pgrep.
- Use "pgrep postmaster" to find the Postgres service ID.
- Use "pgrep java" to find the Tomcat service ID.
- Use "pgrep httpd" to find the Apache service ID.
Verifying disk space:
- Use " df -h" to verify if you are running low on disk space.
An output, simliar to the one below, should show used/available disk space.
B: Flow chart for how Tomcat interacts with the java client/browser:
- Browser sends a request along with the right credentials to load the login page.
- Tomcat verifies the credentials and then, once we know they are valid, stores them in the postgres database.
- Credentials are validated through the Java Password Authentication Module (JPAM) . For more information on what JPAM is, see WIKI. NOTE:The credentials are kept in the default Linux file, found in /etc/shadow
- If the user credentials are validated, credentials are stored in postgres database.
- The record ID of the database entry is copied into JNLP file and then passed back to the browser.
- The Director Management Console (DMC) can now be launched through the downloaded .jnlp file.
- The DMC now uses the record ID in the .jnlp file to login to Director.
- The normal user interface is now launched. Once successful, the record ID is requested to be deleted by DMC and thus cleaned from the .jnlp file.
- NOTE on Step 2: If the Tomcat daemon is not running we will fail here.
- NOTE on Step5: If the Postgres database daemon is not running, we will fail at this step. Another way to verify if the the Postgres daemon is not running is to look through the var/log/messages file. If you see the word 'bailing' as per the below example, please call Bluecoat support, and log a call, mentioning this KB article :
- seen in Var/log/messages file:
- Line 3232: Jan 7 19:19:48 director cli: <-cli.crit> rixtx09@::ffff:192.168.1.1: Binding not consumed during reverse-mapping: pm:process:dnscache:enable
Line 3404: Jan 7 22:10:23 director dmd: <dmd.crit> Database connection not established
Line 4191: Jan 10 19:07:51 director dmd: <dmd.crit> Database connection not established
Line 4192: Jan 10 19:07:51 director dmd: <dmd.crit> dd_pgsql_db_create_tables(), dmd_pgsql_db.c:2543, build 000000: Error 1 returned, bailing out.
- Workaround if the database is in this condition: Take the archive of the director, and then execute the CLI command - "monitoring db reset force" followed by reload of director. This will reinitialize the database. After this, then restore the archive, and reload the director. Some older versions do not have this command. If so, see 000015698 for details on how to do this manualy.
- NOTE on Step7: If the HTTP daemon is not running, we will fail here.
C: Check that the DNS daemon is running.
- In the LINUX shell, run these commands.
- sh-2.05b# /etc/init.d/djbdns stat ( checks to see if the DNS service is running)
- sh-2.05b# dnsip google.com ( procures the ip address of google.com)
- sh-2.05b# Ping <SG ip address> ( checks to see if we can reach the SG)
- The Apache daemon provides the Web server service. For more information on the Apache Web server, see Apache.
- The Tomcat daemon implements the Java Servlet and the JavaServer Pages (JSP) specifications from Sun Microsystems, and provides a "pure Java" HTTP web server environment for Java code to run. For more information on Tomcat, see Tomcat..
- Postgres is a open source database service. For more information on this open source database, see Postgres.
- All these above services, and any services that runs on the Linux operating systms, are called "daemons."
NOTE1: For more detailed troubleshooting tips, using the Directors logs and archiving feature, see 000011526
NOTE2: For a list of what ports Director needs to have open, see KB3457
NOTE3: For details on a low disk space issue, causing the the UI not to load, see 000008751
NOTE4: For instructions on how to procure a archive/ dump file to send to Bluecoat Support, see 000008073
NOTE5: For information on how to default the configuration of Director, see 000010606
NOTE6: In earlier versions of Director- versions less than 220.127.116.11- neither Tomcat, or Postgress were used for Director- However, you still needed the apache daemon running. In these versions you need to download the Director Client, and login to your appliance through that.
NOTE7: For details on other CLI commands, see 000014637
For the latest version of the Director client, see Director client