|Applies To||RSA Authentication Manager|
Replica Package (replica_package)
Push DB Assisted Recovery
|Issue||Replica broker daemon keeps stopping after starting the Replica brokers processes|
Activity log reports shows ?Replica requires PushDB? and ?Assisted recvry (PushDB) disabled?
Replica 'Replica Sequence Number' references differ between the Primary and Replica when using the ?ACEPROG/sdrepmgmt list? command
Synchronize the Primary and Replica server database.
The following provides instructions to build a replica package on the Primary and manually apply it to the Replica with the 'Push DB Assisted Recovery' disabled. Please refer to the RSA Authentication Manager (RSA ACE/Server) Administrator's Guide for information on the Push DB Assisted Recovery option.
Note: ACEDATA could be /opt/ace/data and ACEPROG could be /opt/ace/prog. Examples in the following instructions were taken from RSA ACE/Server 5.2 (where one primary and four replicas were configured).
1) Remove the ACEDATA/replica_package directory on the Primary and check the Replica in question does not have an ACEDATA/replica_package directory, if it does please remove it.
2) Stop the Primary processes using the RSA ACE/Server stop commands: ?ACEPROG/aceserver stop? and ?ACEPROG/sdconnect stop?
3) Ensure Replica processes have stopped using the RSA ACE/Server stop commands: ?ACEPROG/aceserver stop? and ?ACEPROG/sdconnect stop?
4) On the Primary build a replica package for the Replica in question.
# ./sdsetup -package
One Primary and 4 Replica Servers in the database.
Current license allows to add 6 more Replica(s) to your database.
Do you want to add new Replicas before generating Replica Package? (y/n) [n]: n
There are '4' Replica(s) in the database.
Do you want to generate Replica Package for all known Replicas (y/n) [y]: n
Do you want to select Replicas that will be included into Replica Package (y/n) [y]: y
Generating Replica Package.
RSA ACE/Server Replica Management 5.2 
Copyright (c) 1994-2003
RSA Security Inc.
Enter system to initiate database push to or press Enter to start Package generation: replica01.rsa.net
Enter system to initiate database push to or press Enter to start Package generation: <enter>
Generating Replica package for the following systems:
| Hostname | IP Address |
| replica01.rsa.net | 192.168.0.10 |
Creating package directories...
Truncating BI file...
Copying files into the package...
Package creation complete.
Replica package was generated successfully.
*********************** WARNING *****************************
Database push is not allowed in the current configuration.
Use sdsetup -replica command during the new Replica installation to copy the license and database directories.
Use sdsetup -apply_package command on an existing Replica installation to apply the generated Replica Package.
5) Start the Primary processes using the RSA ACE/Server start commands: ?ACEPROG/sdconnect start? and ?ACEPROG/aceserver start?
6) Tar archive the replica_package directory on the Primary e.g. ?tar cvf replicapack.tar replica_package?
7) Copy the tar archive to the Replica system and untar it into a working directory
tar xvf replicapack.tar
8) Apply the replica package to the Replica e.g. ?ACEPROG/sdsetup ?apply_package /temp/replica_package?
# ./sdsetup -apply_package /temp/replica_package
Applying database files from Replica Package...
Creating new databases......
Copyright 1994 - 2003 by RSA Security Inc.
RSA ACE/Server 5.2
---ALL RIGHTS RESERVED---
Warning: A server database already exists in /opt/ace/data
Do you want to continue (y/n) [y]: y
Server database has been initialized
New server database creation completed
Copying database files from /temp/replica_package/database directory.
Replica Package was successfully applied.
9) Start the Log Monitor on the Primary e.g. ?ACEPROG/sdlogmon ?t?
10) Start the Replica processes using the RSA ACE/Server start commands: ?ACEPROG/sdconnect start? and ?ACEPROG/aceserver start?
11) Expected results in the Primary activity log:
07/24/2006 03:59:44U root ---->/
07/24/2006 13:59:44L Admin server started replica01.rsa.net
07/24/2006 03:59:46U root Replica 192.168.0.10 -----
07/24/2006 13:59:46L Acesyncd started replica01.rsa.net
07/24/2006 03:59:50U root ---->/
07/24/2006 13:59:50L ACE/Server started replica01.rsa.net
07/24/2006 03:59:50U SYSTEM/replica01.rsa.net ----->/
07/24/2006 13:59:50L Radius server started replica01.rsa.net
07/24/2006 03:59:52U root ---->/
07/24/2006 13:59:52L ACE/Server is authenticating replica01.rsa.net
07/24/2006 04:00:01U root Replica 192.168.0.10 -----
07/24/2006 14:00:01L Replica connected to primary replica01.rsa.net
(U indicates UTC and L indicates Local time)
12) The Replica Sequence Number will have changed and now match. To check this do ?ACEPROG/sdrepmgmt list? on the Primary and on the Replica and compare the Replica Sequence Numbers.
|Workaround||A known reason for the symptoms listed was that a replica package was built for the Replica but was not applied|
|Legacy Article ID||a31197|