000022924 - Replica requires a Push DB but the option has been disabled

Document created by RSA Customer Support Employee on Jun 15, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022924
Applies ToRSA Authentication Manager
RSA ACE/Server
Sun Solaris
Replica Package (replica_package)
Push DB Assisted Recovery
IssueReplica broker daemon keeps stopping after starting the Replica brokers processes
Activity log reports shows ?Replica requires PushDB? and ?Assisted recvry (PushDB) disabled?
Replica 'Replica Sequence Number' references differ between the Primary and Replica when using the ?ACEPROG/sdrepmgmt list? command

Synchronize the Primary and Replica server database.


The following provides instructions to build a replica package on the Primary and manually apply it to the Replica with the 'Push DB Assisted Recovery' disabled. Please refer to the RSA Authentication Manager (RSA ACE/Server) Administrator's Guide for information on the Push DB Assisted Recovery option.


Note: ACEDATA could be /opt/ace/data and ACEPROG could be /opt/ace/prog. Examples in the following instructions were taken from RSA ACE/Server 5.2 (where one primary and four replicas were configured).


1) Remove the ACEDATA/replica_package directory on the Primary and check the Replica in question does not have an ACEDATA/replica_package directory, if it does please remove it.


2) Stop the Primary processes using the RSA ACE/Server stop commands: ?ACEPROG/aceserver stop? and ?ACEPROG/sdconnect stop?


3) Ensure Replica processes have stopped using the RSA ACE/Server stop commands: ?ACEPROG/aceserver stop? and ?ACEPROG/sdconnect stop?


4) On the Primary build a replica package for the Replica in question.



# ./sdsetup -package


One Primary and 4 Replica Servers in the database.

Current license allows to add 6 more Replica(s) to your database.


Do you want to add new Replicas before generating Replica Package? (y/n) [n]: n



There are '4' Replica(s) in the database.

Do you want to generate Replica Package for all known Replicas (y/n) [y]: n


Do you want to select Replicas that will be included into Replica Package (y/n) [y]: y

Generating Replica Package.



   RSA ACE/Server Replica Management 5.2 [178]

                     Copyright (c) 1994-2003

                        RSA Security Inc.



Enter system to initiate database push to or press Enter to start Package generation: replica01.rsa.net


Enter system to initiate database push to or press Enter to start Package generation: <enter>


Generating Replica package for the following systems:



| Hostname                                        | IP Address       |


| replica01.rsa.net                               |     |



Creating package directories...


Updating database...


Truncating BI file...


Copying files into the package...


Finalizing package...


Package creation complete.

Replica package was generated successfully.


*********************** WARNING *****************************

Database push is not allowed in the current configuration.


Use sdsetup -replica command during the new Replica installation to copy the license and database directories.   


Use sdsetup -apply_package command on an existing Replica installation to apply the generated Replica Package.         





5) Start the Primary processes using the RSA ACE/Server start commands: ?ACEPROG/sdconnect start? and ?ACEPROG/aceserver start?


6) Tar archive the replica_package directory on the Primary e.g. ?tar cvf replicapack.tar replica_package?


7) Copy the tar archive to the Replica system and untar it into a working directory


cd /temp

tar xvf replicapack.tar


8) Apply the replica package to the Replica e.g. ?ACEPROG/sdsetup ?apply_package /temp/replica_package?


# ./sdsetup -apply_package /temp/replica_package


Applying database files from Replica Package...

Creating new databases......


               Copyright 1994 - 2003 by RSA Security Inc.

                         RSA ACE/Server 5.2


                       ---ALL RIGHTS RESERVED---

Warning: A server database already exists in /opt/ace/data


Do you want to continue (y/n) [y]: y


Server database has been initialized

New server database creation completed

Preparing databases......

Copying database files from /temp/replica_package/database directory.


Replica Package was successfully applied.




9) Start the Log Monitor on the Primary e.g. ?ACEPROG/sdlogmon ?t?


10) Start the Replica processes using the RSA ACE/Server start commands: ?ACEPROG/sdconnect start? and ?ACEPROG/aceserver start?


11) Expected results in the Primary activity log:


07/24/2006 03:59:44U root                              ---->/

07/24/2006 13:59:44L Admin server started              replica01.rsa.net


07/24/2006 03:59:46U root Replica       -----

07/24/2006 13:59:46L Acesyncd started                  replica01.rsa.net


07/24/2006 03:59:50U root                              ---->/

07/24/2006 13:59:50L ACE/Server started                replica01.rsa.net


07/24/2006 03:59:50U SYSTEM/replica01.rsa.net         ----->/

07/24/2006 13:59:50L Radius server started             replica01.rsa.net


07/24/2006 03:59:52U root                              ---->/

07/24/2006 13:59:52L ACE/Server is authenticating      replica01.rsa.net


07/24/2006 04:00:01U root Replica       -----

07/24/2006 14:00:01L Replica connected to primary      replica01.rsa.net


(U indicates UTC and L indicates Local time)


12)  The Replica Sequence Number will have changed and now match. To check this do ?ACEPROG/sdrepmgmt list? on the Primary and on the Replica and compare the Replica Sequence Numbers.

WorkaroundA known reason for the symptoms listed was that a replica package was built for the Replica but was not applied
Legacy Article IDa31197