When clicking on the Visualizer button from the detail page of a Configuration Item (CI), you receive a logon prompt and the following error message:
You also receive the above error message when launching Visualizer directly from the server on which it is configured.
Another error that is associated with this problem is "Login policy is either not found or not matching with the encrypted policy code"
To check the Visualizer proxy contact:
1. On the Administration tab, navigate to SOAP Web Services Policy > Policies.
2. Select the CA_CMDB_VISUALIZER policy. A new window opens.
3. Determine which contact is assigned as the policy’s Proxy Contact. In the screenshot below, which shows the default settings, the Proxy Contact is “System_CMDB_Visualizer_User”.
Note: If your Visualizer policy settings look significantly different from the screenshot above, your policy file may have become corrupt and needs to be recreated. Please see “To recreate the Visualizer policy and .p12 file” section below for details.
4. On the Administration tab, navigate to Security and Role Management > Contacts.
5. Search for and open the contact listed as your policy’s Proxy Contact.
6. Ensure that the Status field is set to Active.
To check if a contact’s Access Type has a SOAP Web Services API Role defined:
1. On the Administration tab, navigate to Security and Role Management > Access Types.
2. Open the Access Type of the user you wish to modify.
3. Click on the 3. Roles tab.
4. Ensure that there is a valid value provided in the SOAP Web Service API Role field. If this field is left blank, users with this Access Type will not be able to log in to Visualizer.
To recreate the Visualizer policy and .p12 file:
Note: The following steps require restarting the Service Desk Manager services. These steps also involve manipulating your database. Please take backups of your database and all critical files before proceeding.
1. Take screenshots of your existing Visualizer policy to aid in rebuilding it. Alternatively, you can use the screenshots provided below to recreate the policy with out-of-the-box settings.
2. On the server where Visualizer is configured, open an administrative command prompt. Navigate to a folder where you have write access.
3. Use the following commands to isolate the existing Visualizer policy, and then delete it from your database:
pdm_extract –f “select * from SA_Policy where code = ‘CA_CMDB_VISUALIZER’” > vizpolicy.dat
pdm_load –r –f vizpolicy.dat
4. Navigate to NX_ROOT\bopcfg\www\CATALINA_BASE_VIZ\webapps\CMBDVisualizer\WEB-INF\classes. Rename the file CA_CMDB_VISUALIZER.p12 to CA_CMDB_VISUALIZER_p12.OLD. If you have multiple servers with Visualizer configured, follow this step on each server.
Note: Do NOT leave the file extension as .p12, as this may cause errors.
5. From the Service Desk web interface, open the Administration tab and navigate to SOAP Web Services Policy > Policies. Verify that the CA_CMDB_VISUALIZER policy is not present.
6. Click on Create New, and recreate the policy based on either your earlier screenshots or the images below, which detail the out-of-the-box configuration.
Note: Both the Symbol and Code fields must be “CA_CMDB_VISUALIZER”.
7. On the server where Visualizer is configured, open an administrative command prompt. Navigate to NX_ROOT\bin.
8. Run the following command to generate a new policy file:
pdm_pki –f –p CA_CMDB_VISUALIZER
9. Take the CA_CMDB_VISUALIZER.p12 file that has been generated in NX_ROOT\bin and move it to NX_ROOT\bopcfg\www\CATALINA_BASE_VIZ\webapps\CMBDVisualizer\WEB-INF\classes. If you have multiple servers with Visualizer configured, copy this same file to the indicated folder on each server.
10. Restart your Service Desk Manager services on all servers.
After the SDM service restart, re-check the CA_CMDB_VISUALIZER policy via the Administration tab -> SOAP Web Services Policy -> Policies. You should see that the 'Has Key' boxed is now set to YES