Maintaining Core Services in File Access Manager

Maintaining Core Services in File Access Manager

These steps can be used for these core and other File Access Manager services:

  • File Access Manager Activity Analytics
  • File Access Manager Agent Configuration Manager
  • File Access Manager Business Asset Control
  • File Access Manager Business Website (Web Client)
  • File Access Manager Central Permission Collection (CPC)
  • File Access Manager Central Data Classification (CDC)
  • File Access Manager Collector Synchronizer
  • File Access Manager Crowd Analyzer
  • File Access Manager Reporting Service
  • File Access Manager Scheduled Task Handler
  • File Access Manager User Interface
  • File Access Manager Workflow

Prerequisites

Before installing or moving a service, the File Access Manager Server Installer must be installed on each of the servers involved (for example, in case of a move, on both the server a service is currently on, and the server it will be moved to).

Installing a Service

Note: When you install the File Access Manager Business Website (Web Client), IIS will be installed with it if it is not already present on the server.

  1. Launch the File Access Manager Server Installer.
  2. If a database is not already configured, choose Create a New IdentityIQ File Access Manager Database. Refer to the File Access Manager Server Installation Guide for details on creating new database. Otherwise, choose Use an existing IdentityIQ File Access Manager Database.
  3. Enter the database credentials and click Next.
  4. In the Action Select page, select Create / Edit installation configuration and click Next.
  5. If the server where you want to install the service is not in the server list, add it by entering the details of the server. For new servers, provide the Server Local Name (short NETBIOS name) and Server FQDN (Fully Qualified Domain Name). Then click Add to add this server to the Server List.
  6. Click Next.
  7. Click on the drop-down list for the service you want to install (for example, Crowd Analyzer), to choose the server to install it on; if a Listening Port is required, provide the port number.
  8. Click Next.
  9. In the next panel:
    • If you are installing this service on the same server where you are running the Server Installer, click Save Configuration and Perform current Server's installation Tasks.
    • If you will install this service on a different server, click Save Configuration Only and refer to the Installing on a Separate Server section below.
  10. Click Next.
  11. When the progress bar shows Finished, click Next. This opens the Installation Summary window.

Checking the Logs

  1. In the the Installation Summary window, check the Open Installation Log box, then click Finish. This opens the installation log.
  2. In the installation log, search for the term ERROR (using all capital letters) to see if any errors occurred during installation of the File Access Manager services.
  3. In case of errors, you can try to troubleshoot the error, or contact SailPoint Support for further assistance. If you contact Support, you will need to send the install log to analyze the issue.

Installing on a Separate Server

To install the service on a different server than the one you were working on in the section above, follow these additional steps:

  1. On the new server, install the File Access Manager Server Installer if it is not present already.
  2. Launch the File Access Manager Server Installer.
  3. When prompted, choose choose Use an existing IdentityIQ File Access Manager Database
  4. Enter the database credentials to connect to the same database you created or connected to in the section above.
  5. On the Action Select page, choose Perform Current Server's Installation Tasks and click Next.
  6. The next panel lists the services the installer will install on this server. Verify the configuration and click Next.
  7. Click Next, then click Finish to complete the installation and open the Installation Summary window.
  8. Check the installer logs as described in the Checking the Logs section above.

Moving a Service

Services may sometimes need to be moved due to architecture or hardware changes in your environment. Also, if there is high resource usage on a server due to several File Access Manager core services running on the same server, it is advisable to move some of the services to a different server.

Important: the Agent Configuration Manager service should only be moved by someone with a full understanding of the File Access Manager deployment architecture. Please contact SailPoint for assistance with moving this service.

On the current server (where the service is installed now):

  1. Launch the File Access Manager Server Installer.
  2. Choose Use an existing IdentityIQ File Access Manager Database.
  3. Enter the database credentials and click Next.
  4. In the Action Select page, select Create / Edit Installation Configuration and click Next.
  5. If the server you want to move the service to is not in the server list, add it by entering the details of the server. For new servers, provide the Server Local Name (short NETBIOS name) and Server FQDN (Fully Qualified Domain Name). Then click Add to add this server to the Server List.
  6. Click Next.
  7. Click on the drop-down list for the service you want to move (for example, Crowd Analyzer), and choose the server you want to move it to; if a Listening Port is required, provide the port number.
  8. Click Next.
  9. In the next panel, click Save Configuration and Perform current Server's installation Tasks. If this option is not enabled, click Save Configuration Only.
  10. Click Next.
  11. When the progress bar shows Finished, click Next. This opens the Installation Summary window. Check the installer logs as described in the Checking the Logs section above.

On the new server (the one you want to move the service to):

  1. Launch the File Access Manager Server Installer.
  2. Choose Use an existing IdentityIQ File Access Manager Database.
  3. Enter the database credentials and click Next.
  4. In the Action Select page, select Perform current Server's installation Tasks and click Next.
  5. The next page shows a summary of the services that will be moved to this server. Verify the configuration and click Next.
  6. Click Next, then click Finish to complete the installation.
  7. When the progress bar shows Finished, click Next to open the Installation Summary window. Check the installer logs as described in the Checking the Logs section above.

Uninstalling a Service

Note that core services are required for your File Access Manager environment, and should be uninstalled with caution.

Important: The Agent Configuration Manager service should be the last core service to be uninstalled. This service should only be uninstalled by someone with a full understanding of the File Access Manager deployment architecture. Please contact SailPoint for assistance before uninstalling this service.

To uninstall a service:

  1. Launch the File Access Manager Server Installer.
  2. Choose Use an existing IdentityIQ File Access Manager Database.
  3. Enter the database credentials and click Next.
  4. In the Action Select page, select Uninstall File Access Manager features from the current server and click Next.
  5. Select the service(s) you want to uninstall.
    Note: By default, all the services installed on the server are selected for uninstall. Click Select All to de-select all the options and individually select the services as desired.
  6. Click Next to start the uninstall process.
  7. When the progress bar shows Finished, click Next to open the Installation Summary window. Check the installer logs as described in the Checking the Logs section above.

Troubleshooting

Issue: Health Center shows the status Red.
Resolution: Follow these steps:

  1. Go the server on which the service is running.
  2. If the service is stopped, restart the service.
  3. If the service is running, try restarting the service. This can help resolve communication issues.
  4. Check the log related to the service and verify that there were no errors while starting the service.
  5. To troubleshoot errors, turn on DEBUG for the service:.
    1. Browse to the installation folder of the service.
    2. Find the config file for the service. This file has the extension .config
    3. In the config file, search for the word <root> and change the value in the next line from  <level value="ERROR"/> to <level value="DEBUG"/>
    4. Save your changes.
    5. Back up or delete the existing log for the service.
    6. Restart the service.
  6. If the steps above do not resolve the issue, contact SailPoint for further assistance. You will be required to send the DEBUG log to analyze the issue.

 

Comments

Thank You! This is really helpful.

Version history
Revision #:
8 of 8
Last update:
‎Aug 23, 2019 05:03 PM
Updated by: