000021868 - Enable ACE/Server Lock-Manager Debug Mode

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021868
Applies ToRSA ACE/Server 5.0 (no longer supported as of 8-15-2004)
RSA ACE/Server 5.0.1 (no longer supported as of 8-15-2004)
UNIX (AIX, HP-UX, Solaris)
Sun Solaris
IssueEnable ACE/Server Lock-Manager Debug Mode
ResolutionACE/Server Lock-Manager Diagnosis
Notes/Assumptions
The references to ?hostname? are enclosed in accent-grave, not single-quote. This causes the hostname command to be executed and its result placed in-line in the command. Wherever ?`hostname`? is shown, it could be replaced with the name of the host on which the command is executed. References to <pid> will be replaced with a process ID of the associated process. Standard definitions for ACEPROG and ACEDATA are understood; they represent the ACE/Server software installation directory and ACE/Server database directory, respectively. Commands starting with period (?.?) are assumed to be executed in ACEPROG.

ACE/Server Lock-Manager Diagnosis Procedure:

On Primary and Each Replica:
Stop any ACE/Server processes. (./aceserver stop).
Stop any ACE/Server database broker processes. (./sdconnect stop).
Verify syslog is configured to gather all messages. Entry in syslog.conf should have, at minimum:
                 *.info;*.err  /var/adm/messages
Correct operation can be verified using ?logger? (logger -p user.info "HELLO"). You should be able to find the text ?HELLO? in the /var/adm/messages file.
Reset/clear syslog file. Force syslog daemon to re-read its configuration, if changed in step 1.4 (kill ?HUP `cat /etc/syslog.pid`)
Set RSA_LM_TRACE equal to one (1) in the shell environment from which the ACE/Server processes will be started.
Set SDI_ACESRV_TRACE equal to ?crossrealm? in the shell environment from which the ACE/Server processes will be started.
Remove any old ACEDATA/lmtrace_*.out files.
Capture an ./sdinfo output. (./sdinfo > sdinfo.`hostname`)
Capture an ./sdrepmgmt list output. (./sdrepmgmt list > sdrepmgmt.`hostname`)
Empty/zero log database. (./sdnewdb log)
Make sure each of the above steps is performed on all systems in the realm.

Once the above steps are complete, go to the Primary and each Replica and:
Start database brokers. (./sdconnect start).
Start ACE/Server processes (./aceserver start).  Be sure to use the same shell/window/process that previously had the environment variables defined
After starting the systems, wait 30 seconds for all processes to connect and databases to reconcile.
Monitor the reconciliation progress by using the tail command on the /var/adm/messages file (i.e., tail ?f /var/adm/messages).
Verify that one or more ACEDATA/lmtrace_<pid>.out files have been created. The <pid> will be the process ID of the _aceserver_fe process.
Verify that an ?aceserver.trace? file is being created.
Capture a ?netstat? command. (netstat ?an > netstat.`hostname` ) to show socket connections.

Go to the agent and perform an authentication.

Once the authentication is done, go to the Primary and each Replica and:
Stop ACE/Server processes (./aceserver stop).
Stop database brokers. (./sdconnect stop).
Dump the log database. (./sddump -l -f sdlog.`hostname`.dmp -m).
Collect all data files from the system:        
        ACEDATA/lmtrace_<pid>.out  
        ACEDATA/aceserver.trace
        ACEPROG/sdlog.`hostname`.dmp
        ACEPROG/sdinfo.`hostname`
        ACEPROG/sdrepmgmt.`hostname`
        ACEPROG/netstat.`hostname`
        /var/adm/messages

When complete, there should be at least 21 files in the diagnostic package; seven files from each of the three systems (the Primary and two Replicas).

Variants of this procedure would be to only stop the Acting-Master Replica system at step 4 and repeat the authentication (Step 3) allowing the Acting-Slave to handle the authentication.
Legacy Article IDa6396

Attachments

    Outcomes